
Virus ?


Loprakso


Hello,

For a few days now, whenever I started Firefox I got QVO6 as my start page. By clicking the Home button I did get the one I wanted, namely Symbaloo.

I had a lot of trouble removing QVO6, using ADW Cleaner and especially Junkware Removal.

But since then my PC has been running wild. It regularly happens that when I click on a link (usually coloured red and double underlined) I first get a totally different site; after closing that one I land on the one I wanted.

Hovering my cursor over such a link usually opens an unwanted tab of a ****ographic nature or for targeted maintenance tools.

I also continuously receive pop-ups of all kinds. It is annoying!!!!!

In short, something is wrong, but what? Is it my Firefox settings?

Even on your site I have to deal with these problems.

You will surely find an explanation for it; I give up.

Thanks in advance.


Download RSIT from the locations below and save it to the desktop.

Here is a description of how to check whether you have a 32- or 64-bit version of Windows.

Double-click RSIT.exe to start the tool.

  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • The "Disclaimer of warranty" is then shown; click "Continue".
  • When the tool has finished, a Notepad file named "Log" is opened.
  • Paste its contents in your next post.


Logfile of random's system information tool 1.09 (written by random/random)

Run by admin at 2013-10-08 19:37:19

Microsoft Windows 7 Home Premium Service Pack 1

System drive C: has 895 GB (94%) free of 954 GB

Total RAM: 3549 MB (50% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 19:37:22, on 8/10/2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v10.0 (10.00.9200.16686)

Boot mode: Normal

Running processes:

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe

C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe

C:\Program Files\CyberLink\Shared files\brs.exe

C:\Program Files\VMware\VMware Player\hqtray.exe

C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\Common Files\PixelPlanet\PdfPrinter 6\PdfPrinterMonitor.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Bitdefender\Bitdefender Safepay\obkagent.exe

C:\Users\admin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

C:\Users\admin\AppData\Local\FilesFrog Update Checker\update_checker.exe

C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE

C:\Program Files\NETGEAR\WG111v3\WG111v3.exe

C:\Users\admin\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files\Windows Live\Mail\wlmail.exe

C:\Program Files\Windows Live\Contacts\wlcomm.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe

C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Users\admin\Downloads\RSIT.exe

C:\Program Files\trend micro\admin.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Delta Search

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

O2 - BHO: LemurLeap - {415419c3-dad0-4df1-ac37-22c72ad81878} - C:\Program Files\LemurLeap\LemurLeapbho.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: (no name) - {ae48ed75-5a56-4c5f-bbce-6f1ac3875f66} - (no file)

O2 - BHO: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files\Delta\delta\1.8.24.6\bh\delta.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O3 - Toolbar: Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files\Delta\delta\1.8.24.6\deltaTlbr.dll

O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"

O4 - HKLM\..\Run: [updateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"

O4 - HKLM\..\Run: [RemoteControl9] "C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe"

O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe"

O4 - HKLM\..\Run: [bDRegion] C:\Program Files\Cyberlink\Shared Files\brs.exe

O4 - HKLM\..\Run: [updatePPShortCut] "C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerProducer" UpdateWithCreateOnce "Software\CyberLink\PowerProducer\5.0"

O4 - HKLM\..\Run: [updatePSTShortCut] "C:\Program Files\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Blu-ray Disc Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"

O4 - HKLM\..\Run: [VMware hqtray] "C:\Program Files\VMware\VMware Player\hqtray.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe

O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [unlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"

O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

O4 - HKLM\..\Run: [PixelPlanet PdfPrinter-Monitor] "C:\Program Files\Common Files\PixelPlanet\PdfPrinter 6\PdfPrinterMonitor.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [obkagent] "C:\Program Files\Bitdefender\Bitdefender Safepay\obkagent.exe"

O4 - HKCU\..\Run: [Dictionary .NET] "C:\Users\admin\AppData\Local\Temp\Temp1_DictionaryNet.zip\Dictionary.exe" -c

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\admin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [WiFi Guard] "C:\Program Files\SoftPerfect WiFi Guard\WiFiGuard.exe" /hide

O4 - HKCU\..\Run: [sDP] C:\Users\admin\AppData\Local\FilesFrog Update Checker\update_checker.exe /auto

O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Startup: Dropbox.lnk = admin\AppData\Roaming\Dropbox\bin\Dropbox.exe

O4 - Global Startup: NETGEAR WG111v3 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111v3\WG111v3.exe

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll

O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files\vmware\vmware player\vsocklib.dll

O10 - Unknown file in Winsock LSP: c:\program files\vmware\vmware player\vsocklib.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O15 - Trusted Zone: *.belfius.be

O16 - DPF: {10000000-1000-1000-1000-100000000000} - http://cdn.betteradvertising.com/ghostery/addons/ie/2.4.2.0/ghostery.cab

O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{25832E89-2212-4801-9B56-C58DB9542B63}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

O17 - HKLM\System\CCS\Services\Tcpip\..\{EEEDD743-E308-45AF-BC29-2D4D26515907}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O20 - AppInit_DLLs: c:\progra~2\bitguard\261694~1.246\{c16c1~1\bitguard.dll

O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: BitGuard - Unknown owner - C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: Safepay Service Agent (OBKSvc) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender Safepay\OBKSvc.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe

O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - C:\Program Files\VMware\VMware Player\vmware-ufad.exe

O23 - Service: Update LemurLeap - LemurLeap - C:\Program Files\LemurLeap\updateLemurLeap.exe

O23 - Service: Bitdefender Safepay Update Service (UPDATESRV_SAFEPAY) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender Safepay\updatesrv.exe

O23 - Service: Util LemurLeap - LemurLeap - C:\Program Files\LemurLeap\bin\utilLemurLeap.exe

O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Player\vmware-authd.exe

O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe

O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe

O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe

--

End of file - 12480 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

C:\Windows\tasks\GlaryInitialize.job

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\hkky9amf.default

prefs.js - "browser.search.useDBForOrder" - "false"

prefs.js - "browser.startup.homepage" - "http://www.symbaloo.com/"

"belgiumeid@eid.belgium.be"=C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 11.8.800.168 Plugin

"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]

"Description"=iTunes Detector Plug-in

"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]

"Description"=

"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]

"Description"=Google Earth in your browser

"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]

"Description"=Picasa3 plugin

"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]

"Description"=Java™ Deployment Toolkit

"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2]

"Description"=Oracle® Next Generation Java™ Plug-In

"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]

"Description"=

"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]

"Description"=Ag Player Plugin

"Path"=c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]

"Description"=WLPG Install MIME type

"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]

"Description"=WLPG Install MIME type

"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]

"Description"=WLPG Install MIME type

"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=3]

"Description"=DealPlyLive Update

"Path"=C:\Program Files\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=9]

"Description"=DealPlyLive Update

"Path"=C:\Program Files\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]

"Description"=Google Update

"Path"=C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]

"Description"=Google Update

"Path"=C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.4]

"Description"=VLC Multimedia Plugin

"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.0]

"Description"=VLC Multimedia Plugin

"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]

"Description"=Handles PDFs in-place in Firefox

"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\

belgiumeid@eid.belgium.be

ffxtlbr@babylon.com

C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\hkky9amf.default\extensions\

71139f7b-cef2-4ada-9c60-25f887d7e2e1@5b129621-59ed-453c-9453-d7593ee48c04.com

ffxtlbr@delta.com

firefox@lemurleap.info

C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\hkky9amf.default\searchplugins\

ask-search.xml

Yahoo.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{415419c3-dad0-4df1-ac37-22c72ad81878}]

LemurLeap - C:\Program Files\LemurLeap\LemurLeapbho.dll [2013-10-03 249632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-06-12 463272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]

Windows Live Messenger Companion Helper - C:\Program Files\Windows Live\Companion\companioncore.dll [2012-03-08 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-08-23 192592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ae48ed75-5a56-4c5f-bbce-6f1ac3875f66}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}]

delta Helper Object - C:\Program Files\Delta\delta\1.8.24.6\bh\delta.dll [2013-08-15 314264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-06-12 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-08-23 192592]

{82E1477C-B154-48D3-9891-33D83C26BCD3} - Delta Toolbar - C:\Program Files\Delta\delta\1.8.24.6\deltaTlbr.dll [2013-08-15 300952]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"CLMLServer"=C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [2009-06-03 103720]

"UpdateP2GoShortCut"=C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2009-05-19 222504]

"RemoteControl9"=C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe [2009-04-27 87336]

"PDVD9LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe [2009-04-27 50472]

"BDRegion"=C:\Program Files\Cyberlink\Shared Files\brs.exe [2009-05-07 75048]

"UpdatePPShortCut"=C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [2008-12-03 218408]

"UpdatePSTShortCut"=C:\Program Files\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe [2009-07-22 210216]

"VMware hqtray"=C:\Program Files\VMware\VMware Player\hqtray.exe [2011-03-25 64112]

"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-02-11 137752]

"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-02-11 171032]

"Persistence"=C:\Windows\system32\igfxpers.exe [2011-02-11 172568]

"CanonSolutionMenuEx"=C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE [2011-01-24 1316248]

"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]

"UnlockerAssistant"=C:\Program Files\Unlocker\UnlockerAssistant.exe []

"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2013-06-20 995176]

"PixelPlanet PdfPrinter-Monitor"=C:\Program Files\Common Files\PixelPlanet\PdfPrinter 6\PdfPrinterMonitor.exe [2011-11-04 2233912]

"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]

"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2013-05-31 152392]

"obkagent"=C:\Program Files\Bitdefender\Bitdefender Safepay\obkagent.exe [2013-09-25 485488]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Dictionary .NET"=C:\Users\admin\AppData\Local\Temp\Temp1_DictionaryNet.zip\Dictionary.exe -c []

"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe /background []

"Spotify Web Helper"=C:\Users\admin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2013-10-04 1140736]

"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2012-08-24 39408]

"WiFi Guard"=C:\Program Files\SoftPerfect WiFi Guard\WiFiGuard.exe /hide []

"SDP"=C:\Users\admin\AppData\Local\FilesFrog Update Checker\update_checker.exe [2013-01-31 201808]

"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2013-10-03 5706480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpeedUpMyPC]

C:\Program Files\Uniblue\SpeedUpMyPC\launcher.exe -d 20000 []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

NETGEAR WG111v3 Smart Wizard.lnk - C:\Program Files\NETGEAR\WG111v3\WG111v3.exe

C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

Dropbox.lnk - C:\Users\admin\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"="c:\progra~2\bitguard\261694~1.246\{c16c1~1\bitguard.dll "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]

C:\Windows\system32\igfxdev.dll [2011-02-11 228864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=5

"ConsentPromptBehaviorUser"=3

"EnableUIADesktopToggle"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"vidc.uyvy"=msyuv.dll

"vidc.yuy2"=msyuv.dll

"vidc.yvyu"=msyuv.dll

"vidc.iyuv"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"vidc.yvu9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"vidc.cvid"=iccvid.dll

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

"VIDC.VMnc"=vmnc.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-10-08 19:37:19 ----D---- C:\rsit

2013-10-06 21:58:04 ----D---- C:\Program Files\LemurLeap

2013-10-06 21:50:50 ----D---- C:\Program Files\Free YouTube Downloader

2013-10-06 21:49:42 ----D---- C:\Program Files\Delta

2013-10-06 21:49:38 ----D---- C:\ProgramData\BitGuard

2013-10-06 21:49:35 ----D---- C:\Users\admin\AppData\Roaming\BabSolution

2013-10-06 21:49:34 ----D---- C:\ProgramData\DSearchLink

2013-10-06 21:49:18 ----D---- C:\Users\admin\AppData\Roaming\Babylon

2013-10-06 21:49:18 ----D---- C:\ProgramData\Babylon

2013-10-06 19:22:04 ----D---- C:\Windows\ERUNT

2013-10-06 19:09:15 ----A---- C:\AdwCleaner[s3].txt

2013-10-06 19:08:50 ----A---- C:\AdwCleaner[R5].txt

2013-10-06 19:08:24 ----A---- C:\AdwCleaner[R4].txt

2013-10-06 19:03:37 ----D---- C:\Program Files\MyPC Backup

2013-10-06 19:02:44 ----D---- C:\ProgramData\DealPlyLive

2013-10-06 19:02:44 ----D---- C:\Program Files\DealPlyLive

2013-10-06 14:39:06 ----D---- C:\Program Files\Enigma Software Group

2013-10-06 14:37:29 ----D---- C:\Windows\DB847E94446B49E0AC5DC5627EC8B0C0.TMP

2013-10-06 14:37:28 ----D---- C:\Program Files\Common Files\Wise Installation Wizard

2013-10-05 19:35:12 ----D---- C:\Program Files\EuroSoft Software Development

2013-09-30 19:57:01 ----D---- C:\Users\admin\AppData\Roaming\QuotePad

2013-09-30 19:56:49 ----D---- C:\Program Files\QuotePad

2013-09-28 22:39:13 ----D---- C:\Users\admin\AppData\Roaming\vlc

2013-09-22 16:17:11 ----D---- C:\ProgramData\AskPartnerNetwork

2013-09-22 16:16:01 ----D---- C:\Program Files\FirstRowSportApp.com

2013-09-17 21:17:51 ----D---- C:\Program Files\Mozilla Firefox

2013-09-11 17:19:23 ----A---- C:\Windows\system32\jscript9.dll

2013-09-11 17:19:23 ----A---- C:\Windows\system32\jscript.dll

2013-09-11 17:19:22 ----A---- C:\Windows\system32\jsproxy.dll

2013-09-11 17:19:22 ----A---- C:\Windows\system32\iesetup.dll

2013-09-11 17:19:21 ----A---- C:\Windows\system32\msfeeds.dll

2013-09-11 17:19:21 ----A---- C:\Windows\system32\ieui.dll

2013-09-11 17:19:21 ----A---- C:\Windows\system32\ie4uinit.exe

2013-09-11 17:19:20 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe

2013-09-11 17:19:20 ----A---- C:\Windows\system32\iernonce.dll

2013-09-11 17:19:19 ----A---- C:\Windows\system32\urlmon.dll

2013-09-11 17:19:19 ----A---- C:\Windows\system32\iesysprep.dll

2013-09-11 17:19:18 ----A---- C:\Windows\system32\iertutil.dll

2013-09-11 17:19:17 ----A---- C:\Windows\system32\wininet.dll

2013-09-11 17:19:16 ----A---- C:\Windows\system32\ieframe.dll

2013-09-11 17:19:14 ----A---- C:\Windows\system32\mshtml.dll

2013-09-11 16:13:15 ----A---- C:\Windows\system32\shell32.dll

2013-09-11 16:13:13 ----A---- C:\Windows\system32\shdocvw.dll

2013-09-11 16:13:11 ----A---- C:\Windows\system32\drivers\ataport.sys

2013-09-11 16:13:10 ----A---- C:\Windows\system32\win32k.sys

2013-09-11 16:13:09 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll

2013-09-11 16:13:09 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll

2013-09-11 16:13:09 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll

2013-09-11 16:13:09 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll

2013-09-11 16:13:09 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll

2013-09-11 16:13:09 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll

2013-09-11 16:13:09 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll

2013-09-11 16:13:09 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll

2013-09-11 16:13:09 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll

2013-09-11 16:13:09 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll

2013-09-11 16:13:09 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll

2013-09-11 16:13:09 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll

2013-09-11 16:13:09 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll

2013-09-11 16:13:09 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll

2013-09-11 16:13:09 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll

2013-09-11 16:13:09 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll

2013-09-11 16:13:09 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll

2013-09-11 16:13:09 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll

2013-09-11 16:13:09 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll

2013-09-11 16:13:09 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll

2013-09-11 16:13:09 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll

2013-09-11 16:13:09 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll

2013-09-11 16:13:09 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll

2013-09-11 16:13:09 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll

2013-09-11 16:13:09 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll

2013-09-11 16:13:09 ----A---- C:\Windows\system32\winsrv.dll

2013-09-11 16:13:09 ----A---- C:\Windows\system32\KernelBase.dll

2013-09-11 16:13:09 ----A---- C:\Windows\system32\kernel32.dll

2013-09-11 16:13:09 ----A---- C:\Windows\system32\conhost.exe

2013-09-11 16:13:08 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll

2013-09-11 16:13:08 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll

2013-09-11 16:13:08 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll

2013-09-09 22:06:27 ----D---- C:\ProgramData\BDLogging

2013-09-09 21:11:52 ----D---- C:\Users\admin\AppData\Roaming\QuickScan

2013-09-09 21:06:27 ----D---- C:\ProgramData\Bitdefender

2013-09-09 21:05:34 ----D---- C:\Program Files\Bitdefender

2013-09-09 21:05:34 ----A---- C:\Windows\system32\drivers\gzflt.sys

2013-09-09 20:59:27 ----D---- C:\Program Files\Common Files\Bitdefender

======List of files/folders modified in the last 1 month======

2013-10-08 19:37:22 ----D---- C:\Program Files\Trend Micro

2013-10-08 19:36:49 ----D---- C:\Windows\Temp

2013-10-08 19:22:39 ----D---- C:\Users\admin\AppData\Roaming\Dropbox

2013-10-08 18:39:05 ----D---- C:\Windows\system32\drivers\etc

2013-10-08 18:12:07 ----D---- C:\Windows\system32\FxsTmp

2013-10-08 18:11:25 ----SHD---- C:\Windows\Installer

2013-10-08 18:11:25 ----SHD---- C:\Config.Msi

2013-10-08 18:11:24 ----SD---- C:\Users\admin\AppData\Roaming\Microsoft

2013-10-08 18:00:19 ----D---- C:\Windows\system32\config

2013-10-08 17:39:06 ----D---- C:\ProgramData\VMware

2013-10-08 17:39:02 ----D---- C:\Windows\system32\Tasks

2013-10-07 14:59:41 ----RD---- C:\Program Files

2013-10-06 22:11:06 ----D---- C:\Windows\Prefetch

2013-10-06 21:54:46 ----AD---- C:\ProgramData\Temp

2013-10-06 21:50:53 ----HD---- C:\ProgramData

2013-10-06 19:22:42 ----D---- C:\Windows\Tasks

2013-10-06 19:22:04 ----D---- C:\Windows

2013-10-06 19:03:29 ----D---- C:\Windows\winsxs

2013-10-06 18:53:13 ----D---- C:\Windows\system32\wbem

2013-10-06 18:52:28 ----D---- C:\Program Files\SUPERAntiSpyware

2013-10-06 18:52:28 ----D---- C:\Program Files\Glary Utilities

2013-10-06 18:52:27 ----D---- C:\Windows\system32\DriverStore

2013-10-06 18:52:27 ----D---- C:\Windows\system32\catroot2

2013-10-06 18:52:27 ----D---- C:\Windows\System32

2013-10-06 18:52:27 ----D---- C:\Windows\registration

2013-10-06 18:52:27 ----D---- C:\Windows\inf

2013-10-06 18:52:27 ----D---- C:\Windows\AppCompat

2013-10-06 18:52:27 ----D---- C:\Users\admin\AppData\Roaming\Spotify

2013-10-06 18:52:27 ----D---- C:\Users\admin\AppData\Roaming\MusicBee

2013-10-06 18:52:27 ----D---- C:\Users\admin\AppData\Roaming\ATViewer

2013-10-06 18:26:09 ----SHD---- C:\System Volume Information

2013-10-06 18:13:26 ----D---- C:\Windows\system32\drivers

2013-10-06 16:59:30 ----D---- C:\Données EuroSoft Software Development

2013-10-06 14:37:28 ----D---- C:\Program Files\Common Files

2013-10-02 19:26:26 ----D---- C:\Windows\security

2013-09-23 18:11:10 ----A---- C:\Windows\system32\FlashPlayerApp.exe

2013-09-18 17:01:24 ----D---- C:\Program Files\Mozilla Maintenance Service

2013-09-11 19:12:36 ----D---- C:\Windows\rescache

2013-09-11 18:00:46 ----D---- C:\Windows\Microsoft.NET

2013-09-11 18:00:17 ----RSD---- C:\Windows\assembly

2013-09-11 17:21:10 ----D---- C:\Program Files\Internet Explorer

2013-09-11 17:21:09 ----D---- C:\Windows\system32\nl-NL

2013-09-11 17:19:35 ----D---- C:\Windows\system32\catroot

2013-09-11 17:18:31 ----D---- C:\Windows\system32\MRT

2013-09-11 17:16:09 ----A---- C:\Windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 gzflt;gzflt; C:\Windows\system32\DRIVERS\gzflt.sys [2012-09-05 162848]

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-06-18 211560]

R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2011-03-04 45648]

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]

R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]

R1 SAS***IL;SAS***IL; \??\C:\Program Files\SUPERAntiSpyware\SAS***IL.SYS [2011-07-12 67664]

R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]

R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2011/01/31 21:51:22]; \??\C:\Program Files\CyberLink\PowerDVD9\000.fcl [2009-05-07 87536]

R2 hcmon;VMware hcmon; \??\C:\Windows\system32\drivers\hcmon.sys [2011-03-25 32368]

R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-06-18 107392]

R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]

R2 vmci;VMware vmci; \??\C:\Windows\system32\Drivers\vmci.sys [2011-03-25 70768]

R2 VMnetBridge;VMware Bridge Protocol; C:\Windows\system32\DRIVERS\vmnetbridge.sys [2011-03-25 36400]

R2 VMnetuserif;VMware Network Application Interface; \??\C:\Windows\system32\drivers\vmnetuserif.sys [2011-03-25 26352]

R2 VMparport;VMware VMparport; \??\C:\Windows\system32\Drivers\VMparport.sys [2011-03-25 23792]

R2 vmx86;VMware vmx86; \??\C:\Windows\system32\Drivers\vmx86.sys [2011-03-25 854256]

R2 vstor2-ws60;Vstor2 WS60 Virtual Storage Driver; \??\C:\Program Files\VMware\VMware Player\vstor2-ws60.sys [2010-08-19 22448]

R3 ACSSCR;ACR38 Smart Card Reader; C:\Windows\system32\DRIVERS\a38usb.sys [2011-06-29 37632]

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]

R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2011-02-11 9036800]

R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]

R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2011-03-21 362600]

R3 RTL8187B;NETGEAR WG111v3 Wireless-G USB Adapter Win7 Driver; C:\Windows\system32\DRIVERS\wg111v3.sys [2009-11-18 376832]

R3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]

R3 vmkbd;VMware kbd; \??\C:\Windows\system32\drivers\VMkbd.sys [2011-03-25 24688]

R3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys [2011-03-25 16560]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]

S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]

S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]

S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-05-13 30312]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]

S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys []

S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-03-08 39272]

S3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2009-04-07 36608]

S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]

S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]

S3 RT2500USB;ASUS USB Wireless LAN Driver; C:\Windows\system32\DRIVERS\rt2500usb.sys [2004-08-13 140544]

S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]

S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 121064]

S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 12776]

S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 136808]

S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 114280]

S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2005-08-17 58352]

S3 sscdmdfl;SAMSUNG CDMA Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2005-08-17 8272]

S3 sscdmdm;SAMSUNG CDMA Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2005-08-17 93872]

S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]

S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]

S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]

S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2012-07-11 116608]

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008]

R2 BitGuard;BitGuard; C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe [2013-09-23 2845664]

R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 390504]

R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-06-20 22208]

R2 OBKSvc;Safepay Service Agent; C:\Program Files\Bitdefender\Bitdefender Safepay\OBKSvc.exe [2013-09-25 343848]

R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2009-04-27 271760]

R2 Update LemurLeap;Update LemurLeap; C:\Program Files\LemurLeap\updateLemurLeap.exe [2013-10-03 65312]

R2 UPDATESRV_SAFEPAY;Bitdefender Safepay Update Service; C:\Program Files\Bitdefender\Bitdefender Safepay\updatesrv.exe [2013-09-25 66784]

R2 Util LemurLeap;Util LemurLeap; C:\Program Files\LemurLeap\bin\utilLemurLeap.exe [2013-10-07 65312]

R2 VMAuthdService;VMware Authorization Service; C:\Program Files\VMware\VMware Player\vmware-authd.exe [2011-03-25 113264]

R2 VMnetDHCP;VMware DHCP Service; C:\Windows\system32\vmnetdhcp.exe [2011-03-25 334448]

R2 VMUSBArbService;VMware USB Arbitration Service; C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe [2011-03-25 539248]

R2 VMware NAT Service;VMware NAT Service; C:\Windows\system32\vmnat.exe [2011-03-25 404080]

R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536]

R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2013-05-31 553288]

R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2013-06-20 295376]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

S2 gupdate;Google Update-service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-11-07 136176]

S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2013-01-10 72704]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-23 257416]

S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]

S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-11-07 136176]

S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-28 194032]

S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-09-17 118680]

S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]

S3 ufad-ws60;VMware Agent Service; C:\Program Files\VMware\VMware Player\vmware-ufad.exe [2010-08-19 191024]

S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-06-27 1343400]

S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]

-----------------EOF-----------------


Download Zoek.zip to the desktop.

  • If Internet Explorer, another browser or a virus scanner reports that this file is unsafe, you can ignore that; it is a false warning.
  • Disable your antivirus and antispyware programs, as they may conflict with zoek.exe (you can read how to do that here and here).
  • Right-click Zoek.zip and choose the "Extract All" option.
  • Double-click Zoek.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Now copy the code below and paste it into the large input box:
  • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.

chromelook; 
firefoxlook; 
{415419c3-dad0-4df1-ac37-22c72ad81878};c
 {ae48ed75-5a56-4c5f-bbce-6f1ac3875f66};c
 {C1AF5FA5-852C-4C90-812E-A7F75E011D87};c
 C:\Program Files\Delta;fs
 {82E1477C-B154-48D3-9891-33D83C26BCD3};c
 {10000000-1000-1000-1000-100000000000};c
 C:\ProgramData\BitGuard;fs
 Update LemurLeap;s
 BitGuard;s
 [-HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=3];r
 [-HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=9];r
 C:\Program Files\Mozilla Firefox\extensions\ffxtlbr@babylon.com;f
 C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\hkky9amf.default\extensions\ffxtlbr@delta.com;f
 C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\hkky9amf.default\extensions\firefox@lemurleap.info;f
 C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\hkky9amf.default\searchplugins\ask-search.xml;f
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{415419c3-dad0-4df1-ac37-22c72ad81878}];r
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ae48ed75-5a56-4c5f-bbce-6f1ac3875f66}];r
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}];r
 [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpeedUpMyPC];r
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows];r
 "AppInit_DLLs"=-;r
 C:\Program Files\LemurLeap;fs
 C:\Users\admin\AppData\Roaming\BabSolution;fs
 C:\Users\admin\AppData\Roaming\Babylon;fs
 C:\ProgramData\Babylon;fs
 C:\AdwCleaner[s3].txt;f
 C:\AdwCleaner[R5].txt;f
 C:\AdwCleaner[R4].txt;f
 C:\Program Files\MyPC Backup;fs
 C:\ProgramData\DealPlyLive;fs
 C:\Program Files\DealPlyLive;fs
 C:\Windows\DB847E94446B49E0AC5DC5627EC8B0C0.TMP;f
 emptyfolderscheck;
startupall; 
filesrcm;

  • Click the "Options" button and tick the options below.
  • HijackThis Log
  • Firefox Defaults
  • Reset Chrome
  • IE Defaults
  • Auto Clean
  • Now click the "Run script" button.
  • Wait patiently until a log opens (this may be after a restart, if one is needed).
  • If no log appears after the restart, start zoek.exe again; the log will then appear.
  • Now post the contents of the opened log in the next message.


Z-Analyse V1.0.0.1 Updated 07-October-2013

Tool run by admin on wo 09/10/2013 at 18:41:18,01.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\admin\AppData\Local\Temp\Temp1_zoek-2.zip\Z-Analyse.scr [Deep Scan]

==== System Restore Info ======================

9/10/2013 18:41:58 Zoek.exe System Restore Point Created Succesfully.

==== Running Processes ======================

C:\Windows\System32\smss.exe

C:\Windows\system32\csrss.exe

C:\Windows\system32\csrss.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\winlogon.exe

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

c:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files\SUPERAntiSpyware\SASCORE.EXE

C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Bitdefender\Bitdefender Safepay\OBKSvc.exe

C:\Program Files\CyberLink\Shared files\RichVideo.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe

C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe

C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe

C:\Program Files\CyberLink\Shared files\brs.exe

C:\Program Files\VMware\VMware Player\hqtray.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Program Files\Bitdefender\Bitdefender Safepay\updatesrv.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\Common Files\PixelPlanet\PdfPrinter 6\PdfPrinterMonitor.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Bitdefender\Bitdefender Safepay\obkagent.exe

C:\Users\admin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

C:\Users\admin\AppData\Local\FilesFrog Update Checker\update_checker.exe

C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE

C:\Program Files\NETGEAR\WG111v3\WG111v3.exe

C:\Users\admin\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe

C:\Windows\system32\vmnat.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\VMware\VMware Player\vmware-authd.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\vmnetdhcp.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\System32\WUDFHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\servicing\TrustedInstaller.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Windows\system32\DllHost.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe

C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe

C:\Windows\system32\taskeng.exe

C:\Windows\System32\rundll32.exe

C:\Windows\system32\vssvc.exe

C:\Windows\system32\taskhost.exe

C:\Users\admin\AppData\Local\Temp\Temp1_zoek-2.zip\Z-Analyse.scr

C:\Windows\system32\conhost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\conhost.exe

C:\Users\admin\AppData\Local\Temp\NirCmd.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Windows\system32\svchost.exe -k SDRSVC

C:\Windows\System32\svchost.exe -k swprv

==== System Specs ======================

Windows: Windows 7 Home Premium Edition Service Pack 1 (Build 7601)

Memory (RAM): 3550 MB

CPU Info: Pentium® Dual-Core CPU E5700 @ 3.00GHz

CPU Speed: 3009,9 MHz

Sound Card: Luidsprekers (High Definition A |

Display Adapters: Intel® G41 Express Chipset | Intel® G41 Express Chipset | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver

Monitors: 1x; Algemeen PnP-beeldscherm |

Screen Resolution: 1920 X 1080 - 32 bit

Network: Network Present

Network Adapters: Microsoft Virtual WiFi Miniport Adapter | NETGEAR WG111v3 Wireless-G USB Adapter | Realtek PCIe GBE Family Controller | VMware Virtual Ethernet Adapter for VMnet1 | VMware Virtual Ethernet Adapter for VMnet8

CD / DVD Drives: 1x (D: | ) D: Optiarc DVD RW AD-5260S

Ports: COM1 LPT1

Mouse: 8 Button Wheel Mouse Present

Hard Disks: C: 931,4GB | E: 465,8GB

Hard Disks - Free: C: 875,0GB | E: 352,0GB

Manufacturer *: American Megatrends Inc.

BIOS Info: AT/AT COMPATIBLE | 12/21/09 | A_M_I_ - 12000921

Time Zone: Romance (standaardtijd)

Motherboard *: ASUSTeK Computer INC. V-P5G41E

Country: België

Language: NLB

==== System Specs (Software) ======================

Anti-Virus: Microsoft Security Essentials On-access scanning disabled (Outdated)

Anti-Spyware: Windows Defender disabled (Outdated)

Anti-Spyware: Microsoft Security Essentials disabled (Outdated)

Default Browser: Firefox 24.0

Internet Explorer Version: 10.0.9200.16686

Mozilla Firefox version: 24.0 (x86 nl)

Adobe Reader version: 10.1.8.24

Sun Java version: 1.7.0_25 (32-bit)

Flash Player version: 11.8.800.168

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\admin\AppData\Local\Temp ====

2013-10-06 19:57:53 C78539208554BDF5B49D6A17C7965853 175208 ----a-w- C:\Users\admin\AppData\Local\Temp\LemurLeap_sm.exe

2013-10-06 19:49:23 B212865E7E478A28A97268F960079A8D 132096 ----a-w- C:\Users\admin\AppData\Local\Temp\9F7289A5-BAB0-7891-B724-D00621E4D400\Latest\BExternal.dll

2013-10-06 19:49:23 A21DE5067618D4F2DF261416315ED120 6144 ----a-w- C:\Users\admin\AppData\Local\Temp\9F7289A5-BAB0-7891-B724-D00621E4D400\Latest\IEHelper.dll

2013-10-06 19:49:23 0F66E8E2340569FB17E774DAC2010E31 520234 ----a-w- C:\Users\admin\AppData\Local\Temp\9F7289A5-BAB0-7891-B724-D00621E4D400\Latest\sqlite3.dll

2013-10-06 19:49:03 8B64BCD9EAF292636E68CA78C6DE79D4 5668624 ----a-w- C:\Users\admin\AppData\Local\Temp\{2CDC3929-2938-4A98-BB25-93C91963FEBB}\setup.exe

2013-10-06 19:48:30 2F5252E50745E47DB355B005725DAE05 327880 ----a-w- C:\Users\admin\AppData\Local\Temp\appshat-distribution.exe

2013-10-06 19:48:28 D3197FAE11B8307F0F52343142709D77 836708 ----a-w- C:\Users\admin\AppData\Local\Temp\DeltaTB.exe

2013-10-06 19:47:56 FBE369DF3B3D51CB874535FAA3B3EBEA 5807696 ----a-w- C:\Users\admin\AppData\Local\Temp\OptimizerPro.exe

2013-10-06 19:47:49 83087F025194693DFF3A0F22E6A4AE96 196376 ----a-w- C:\Users\admin\AppData\Local\Temp\UpdateCheckerSetup.exe

2013-10-06 17:21:46 2E0323A94915FAAB10A25F3BABF82584 157696 ----a-w- C:\Users\admin\AppData\Local\Temp\jrt\erunt\ERUNT.EXE

2013-10-06 17:07:32 2B8FB03BF38CB33A98D804CFDC2BB2C0 258560 ----atw- C:\Users\admin\AppData\Local\Temp\ins70\ins70.exe

2013-10-06 17:02:47 5689D43C3B201DD3810FA3BBA4A6476A 4216840 ----a-w- C:\Users\admin\AppData\Local\Temp\vcredist_x86.exe

2013-10-06 17:02:39 858D895AD40DE9779E78C39A116F9553 10355400 ----a-w- C:\Users\admin\AppData\Local\Temp\BackupSetup.exe

2013-10-06 15:18:29 8B64BCD9EAF292636E68CA78C6DE79D4 5668624 ----a-w- C:\Users\admin\AppData\Local\Temp\{1C351DDC-B7FD-4598-8CE0-BB7A2ED701AD}\setup.exe

2013-10-06 15:17:47 8F8138B6D2B9428C388E763347C515A8 5514432 ----a-w- C:\Users\admin\AppData\Local\Temp\ins1197\LyricsSay_1060-8002_v122.exe

2013-10-06 12:36:31 84126D8FA81D231E1DEFD8D0906F8D70 45827664 ----a-w- C:\Users\admin\AppData\Local\Temp\SHSetup.exe

2013-10-05 18:19:44 663C0061B5141CBFA401E578C36F129C 12612850 ----a-w- C:\Users\admin\AppData\Local\Temp\is1244477948\4806171_Setup.EXE

====== Java Cache =====

====== C:\Windows\system32 =====

====== C:\Windows\system32\drivers =====

2013-09-11 14:13:11 DDCE686D76C2B4DB435A3AF5BD0E691D 133056 ----a-w- C:\Windows\System32\drivers\ataport.sys

2013-09-09 19:05:34 B54B98816EC8F861CA5D9EC74BA06F22 162848 ----a-w- C:\Windows\System32\drivers\gzflt.sys

====== C:\Windows\Tasks ======

2013-10-08 21:59:34 37B5D8F0C3AB7C9E2046DEA5075B6656 3420 ----a-w- C:\Windows\system32\Tasks\BitGuard

2013-10-06 19:49:35 D940C44CDC7A48317FCBE04DF3B005C8 3388 ----a-w- C:\Windows\system32\Tasks\EPUpdater

====== C:\Windows\Temp ======

======= C:\Program Files =====

2013-10-06 19:58:04 -------- d-----w- C:\Program Files\LemurLeap

2013-10-06 19:50:50 -------- d-----w- C:\Program Files\Free YouTube Downloader

2013-10-06 19:49:42 -------- d-----w- C:\Program Files\Delta

2013-10-06 17:03:37 -------- d-----w- C:\Program Files\MyPC Backup

2013-10-06 17:02:44 -------- d-----w- C:\Program Files\DealPlyLive

2013-10-06 12:39:06 -------- d-----w- C:\Program Files\Enigma Software Group

2013-10-06 12:37:28 -------- d-----w- C:\Program Files\Common Files\Wise Installation Wizard

2013-10-05 17:35:12 -------- d-----w- C:\Program Files\EuroSoft Software Development

2013-09-30 17:56:49 -------- d-----w- C:\Program Files\QuotePad

2013-09-22 14:16:01 -------- d-----w- C:\Program Files\FirstRowSportApp.com

2013-09-09 19:05:34 -------- d-----w- C:\Program Files\Bitdefender

2013-09-09 18:59:27 -------- d-----w- C:\Program Files\Common Files\Bitdefender

======= C: =====

2013-10-06 17:09:15 75F2BAE6F0A523209B2EA8CCABF33BB9 2010 ----a-w- C:\AdwCleaner[s3].txt

2013-10-06 17:08:50 7841A80AC041A9B5E432EE78F8840163 1828 ----a-w- C:\AdwCleaner[R5].txt

2013-10-06 17:08:24 715E41690F71B2CA7B87740105BCD904 1768 ----a-w- C:\AdwCleaner[R4].txt

====== C:\Users\admin\AppData\Roaming ======

2013-10-07 22:53:03 -------- d-----w- C:\Users\admin\AppData\Locallow\Delta

2013-10-06 19:49:49 -------- d-----w- C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard

2013-10-06 19:49:35 -------- d-----w- C:\Users\admin\AppData\Roaming\BabSolution

2013-10-06 19:49:18 -------- d-----w- C:\Users\admin\AppData\Roaming\Babylon

2013-10-06 19:49:02 -------- d-----w- C:\Users\admin\AppData\Local\Lollipop

2013-10-06 19:48:52 -------- d-----w- C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker

2013-10-06 19:48:49 -------- d-----w- C:\Users\admin\AppData\Local\FilesFrog Update Checker

2013-10-06 17:22:42 -------- d-----w- C:\Users\admin\AppData\Local\DealPlyLive

2013-10-06 17:11:13 0A9CA826D4673751A22C4AB1D2CBD644 70248 ----a-w- C:\Windows\system32\config\systemprofile\AppData\Local\GDIPFONTCACHEV1.DAT

2013-09-30 17:57:01 -------- d-----w- C:\Users\admin\AppData\Roaming\QuotePad

2013-09-28 20:39:13 -------- d-----w- C:\Users\admin\AppData\Roaming\vlc

2013-09-22 14:16:01 -------- d-----w- C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FirstRowSportApp.com

2013-09-09 19:11:52 -------- d-----w- C:\Users\admin\AppData\Roaming\QuickScan

====== C:\Users\admin ======

2013-10-08 17:36:48 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\admin\Downloads\RSIT.exe

2013-10-08 16:07:43 1AFAB6EE6F3EA3456E8F5560CD28DCA2 1855072 ----a-w- C:\Users\admin\Downloads\iview436_setup.exe

2013-10-06 19:50:53 FAEDFE66CF96784098C9B7B1F405EF12 1582 ----a-w- C:\ProgramData\Booking.ico

2013-10-06 19:49:38 -------- d-----w- C:\ProgramData\BitGuard

2013-10-06 19:49:34 -------- d-----w- C:\ProgramData\DSearchLink

2013-10-06 19:49:18 -------- d-----w- C:\ProgramData\Babylon

2013-10-06 19:46:19 B25686E4D480BEEF1245CBA52D9017C8 400752 ----a-w- C:\Users\admin\Downloads\SoftonicDownloader_voor_free-youtube-downloader.exe

2013-10-06 17:21:38 748835EA85085D2B89A5891FA588577D 559035 ----a-w- C:\Users\admin\Downloads\JRT.exe

2013-10-06 17:21:07 9CAEC4452CB20FD0BCF56868B94B96C9 592856 ----a-w- C:\Users\admin\Downloads\cbsidlm-tr1_15-Junkware_Removal_Tool-ORG-75910255.exe

2013-10-06 17:07:11 86229B2082FC763D7803CC2D9ABFB551 168760 ----a-w- C:\Users\admin\Downloads\AdwCleaner.exe

2013-10-06 17:02:44 -------- d-----w- C:\ProgramData\DealPlyLive

2013-10-06 15:18:02 96030AE285C32ECCD1C599F1C5DD2BEF 581957 ----a-w- C:\Users\admin\Desktop\AdwCleaner_1.606_En.exe

2013-10-06 12:36:06 848278CBD6DDA4EF4E832FB92428EEC0 728960 ----a-w- C:\Users\admin\Downloads\SpyHunter-Installer.exe

2013-10-05 17:33:29 15F56193D25FBCEBED9E431629976C78 7854369 ----a-w- C:\Users\admin\Downloads\adresses.exe

2013-09-30 17:56:50 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuotePad

2013-09-28 20:38:40 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN

2013-09-28 20:36:17 8BEB1A5BC7EF0E2A2D7EB44B74A2ADE7 24278649 ----a-w- C:\Users\admin\Downloads\vlc-2.1.0-win32.exe

2013-09-22 14:17:11 -------- d-----w- C:\ProgramData\AskPartnerNetwork

2013-09-11 16:10:05 29FF344A3607C7AA7DADA1C02E563020 150040 ----a-w- C:\ProgramData\1378915768.bdinstall.bin

2013-09-11 16:08:50 883F0C10DD2B0FE060AD64B4760FF3A7 46685 ----a-w- C:\ProgramData\1378915723.bdinstall.bin

2013-09-09 19:06:40 DDD0725069A8A674EE57946C5D7E31F1 172682 ----a-w- C:\ProgramData\1378753175.bdinstall.bin

2013-09-09 19:06:28 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender Safepay

2013-09-09 19:06:27 -------- d-----w- C:\ProgramData\Bitdefender

====== C: exe-files ==

2013-10-08 17:37:19 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\Trend Micro\admin.exe

2013-10-08 17:36:48 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\admin\Downloads\RSIT.exe

2013-10-08 16:07:43 1AFAB6EE6F3EA3456E8F5560CD28DCA2 1855072 ----a-w- C:\Users\admin\Downloads\iview436_setup.exe

2013-10-07 21:28:37 F422BB58E93A0451A5ADE8BC34E1FAEA 65312 ----a-w- C:\Program Files\LemurLeap\bin\utilLemurLeap.exe

2013-10-06 19:58:39 C5A2D6DAFEA3E584BA34AE0BA86A4625 1300709 ----a-w- C:\Program Files\Free YouTube Downloader\unins000.exe

2013-10-06 19:58:06 93A03C1E6001EE3E211E3E0524B04E7D 213152 ----a-w- C:\Program Files\LemurLeap\LemurLeapUninstall.exe

2013-10-06 19:58:00 ED8B665B985FE5A8ED1DB3BF73BBDE32 835176 ----a-w- C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MUMP2BVV\Setup[1].exe

2013-10-06 19:57:53 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YMASSJ0P\LemurLeap_sm[1].exe

2013-10-06 19:57:53 C78539208554BDF5B49D6A17C7965853 175208 ----a-w- C:\Users\admin\AppData\Local\Temp\LemurLeap_sm.exe

2013-10-06 19:50:52 FDCEB7AADDF48AB011561FC4974337D5 191488 ----a-w- C:\Program Files\Free YouTube Downloader\YouTubeDownloader.exe

2013-10-06 19:50:52 BE758B90DF515250BA0E01C1395B5DE7 11608 ----a-w- C:\Program Files\Free YouTube Downloader\YouTubeDownloader.vshost.exe

2013-10-06 19:50:50 2A6F93C43DAFD471317DA13CAC71668A 12265472 ----a-w- C:\Program Files\Free YouTube Downloader\ffmpeg.exe

2013-10-06 19:50:06 96463F3FABD45032F02DA0437686B8BA 785048 ----a-w- C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZPWEQ1P2\minibar-core[1].exe

2013-10-06 19:49:49 425622F8DB2694C34D1908A77612ACFC 2845664 ----a-w- C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\uninstall.exe

2013-10-06 19:49:48 3C74C26999F2060BC6302448F173A342 340464 ----a-w- C:\Program Files\Delta\delta\1.8.24.6\GUninstaller.exe

2013-10-06 19:49:47 425622F8DB2694C34D1908A77612ACFC 2845664 ----a-w- C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe

2013-10-06 19:49:44 7D0CACAF87E8A3C7DE34DCEE498A4F1C 215273 ----a-w- C:\Program Files\Delta\delta\1.8.24.6\uninstall.exe

2013-10-06 19:49:43 E809044FB799E233674AB7DD65FFBDD9 103380 ----a-w- C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\hkky9amf.default\extensions\ffxtlbr@delta.com\uninstall.exe

2013-10-06 19:49:35 F64487396AB10165DC80BC15CF854D31 10320 ----a-w- C:\Users\admin\AppData\Roaming\BabSolution\Shared\BabMaint.exe

2013-10-06 19:49:35 3C74C26999F2060BC6302448F173A342 340464 ----a-w- C:\Users\admin\AppData\Roaming\BabSolution\Shared\GUninstaller.exe

2013-10-06 19:49:03 8B64BCD9EAF292636E68CA78C6DE79D4 5668624 ----a-w- C:\Users\admin\AppData\Local\Temp\{2CDC3929-2938-4A98-BB25-93C91963FEBB}\setup.exe

2013-10-06 19:48:51 8952FB6D4D1A49A0D2652190E2F4ED43 61990 ----a-w- C:\Users\admin\AppData\Local\FilesFrog Update Checker\uninstall.exe

2013-10-06 19:48:34 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZPWEQ1P2\FreeYouTubeDownloaderSetupToolbarFree[1].exe

2013-10-06 19:48:30 2F5252E50745E47DB355B005725DAE05 327880 ----a-w- C:\Users\admin\AppData\Local\Temp\appshat-distribution.exe

2013-10-06 19:48:29 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FS5VYW5Q\appshat-distribution[1].exe

2013-10-06 19:48:28 D3197FAE11B8307F0F52343142709D77 836708 ----a-w- C:\Users\admin\AppData\Local\Temp\DeltaTB.exe

2013-10-06 19:48:27 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YMASSJ0P\DeltaTB[1].exe

2013-10-06 19:47:56 FBE369DF3B3D51CB874535FAA3B3EBEA 5807696 ----a-w- C:\Users\admin\AppData\Local\Temp\OptimizerPro.exe

2013-10-06 19:47:54 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1M770M6R\OptimizerPro[1].exe

2013-10-06 19:47:53 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5GINKTKT\LollipopInstaller_14693[1].exe

2013-10-06 19:47:49 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A39I58X3\UpdateCheckerSetup[1].exe

2013-10-06 19:47:49 83087F025194693DFF3A0F22E6A4AE96 196376 ----a-w- C:\Users\admin\AppData\Local\Temp\UpdateCheckerSetup.exe

2013-10-06 19:46:19 B25686E4D480BEEF1245CBA52D9017C8 400752 ----a-w- C:\Users\admin\Downloads\SoftonicDownloader_voor_free-youtube-downloader.exe

2013-10-06 17:21:46 2E0323A94915FAAB10A25F3BABF82584 157696 ----a-w- C:\Users\admin\AppData\Local\Temp\jrt\erunt\ERUNT.EXE

2013-10-06 17:21:38 748835EA85085D2B89A5891FA588577D 559035 ----a-w- C:\Users\admin\Downloads\JRT.exe

2013-10-06 17:21:07 9CAEC4452CB20FD0BCF56868B94B96C9 592856 ----a-w- C:\Users\admin\Downloads\cbsidlm-tr1_15-Junkware_Removal_Tool-ORG-75910255.exe

2013-10-06 17:07:32 2B8FB03BF38CB33A98D804CFDC2BB2C0 258560 ----atw- C:\Users\admin\AppData\Local\Temp\ins70\ins70.exe

2013-10-06 17:07:11 86229B2082FC763D7803CC2D9ABFB551 168760 ----a-w- C:\Users\admin\Downloads\AdwCleaner.exe

2013-10-06 17:02:47 5689D43C3B201DD3810FA3BBA4A6476A 4216840 ----a-w- C:\Users\admin\AppData\Local\Temp\vcredist_x86.exe

2013-10-06 17:02:39 858D895AD40DE9779E78C39A116F9553 10355400 ----a-w- C:\Users\admin\AppData\Local\Temp\BackupSetup.exe

2013-10-06 15:18:29 8B64BCD9EAF292636E68CA78C6DE79D4 5668624 ----a-w- C:\Users\admin\AppData\Local\Temp\{1C351DDC-B7FD-4598-8CE0-BB7A2ED701AD}\setup.exe

2013-10-06 15:18:02 96030AE285C32ECCD1C599F1C5DD2BEF 581957 ----a-w- C:\Users\admin\Desktop\AdwCleaner_1.606_En.exe

2013-10-06 15:17:47 8F8138B6D2B9428C388E763347C515A8 5514432 ----a-w- C:\Users\admin\AppData\Local\Temp\ins1197\LyricsSay_1060-8002_v122.exe

2013-10-06 15:17:40 2CEB3D1FEA2D286AAFF83C879235DCCF 890704 ----a-w- C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A39I58X3\Setup[1].exe

2013-10-06 13:07:54 6B110E925294547A7D288F26DA19D199 179687 ----a-w- C:\Windows\DB847E94446B49E0AC5DC5627EC8B0C0.TMP\WiseCustomCalla18.exe

2013-10-06 12:37:38 2349274E327CAC32501C93AE37E16B48 180934 ----a-w- C:\Windows\DB847E94446B49E0AC5DC5627EC8B0C0.TMP\WiseCustomCalla21.exe

2013-10-06 12:36:31 84126D8FA81D231E1DEFD8D0906F8D70 45827664 ----a-w- C:\Users\admin\AppData\Local\Temp\SHSetup.exe

2013-10-06 12:36:06 848278CBD6DDA4EF4E832FB92428EEC0 728960 ----a-w- C:\Users\admin\Downloads\SpyHunter-Installer.exe

2013-10-05 18:19:44 663C0061B5141CBFA401E578C36F129C 12612850 ----a-w- C:\Users\admin\AppData\Local\Temp\is1244477948\4806171_Setup.EXE

2013-10-05 17:33:29 15F56193D25FBCEBED9E431629976C78 7854369 ----a-w- C:\Users\admin\Downloads\adresses.exe

2013-10-04 20:05:20 4CFCD3F168F5333FFDD44BC64491A267 521216 ----a-w- C:\Users\admin\AppData\Roaming\Spotify\Data\SpotifyHelper.exe

2013-10-03 20:36:18 F422BB58E93A0451A5ADE8BC34E1FAEA 65312 ----a-w- C:\Program Files\LemurLeap\updateLemurLeap.exe

=== C: other files ==

2013-10-06 19:49:35 7A638D872FA954A773CF4D54F3FCAB1C 17476 ----a-w- C:\Users\admin\AppData\Roaming\BabSolution\CR\Delta.crx

2013-10-06 17:21:44 FDB9CF820305FE44231763042642F7A6 12733 ----a-w- C:\Users\admin\AppData\Local\Temp\jrt\searchlnk.bat

2013-10-06 17:21:44 F871C2EECFB5DF889C240D846473CD80 89287 ----a-w- C:\Users\admin\AppData\Local\Temp\jrt\misc.bat

2013-10-06 17:21:44 F6CA4866511929B8356C67C40DF7D9B3 28960 ----a-w- C:\Users\admin\AppData\Local\Temp\jrt\prelim.bat

2013-10-06 17:21:44 EC2D0525D784635AC629EA4B3B60A0F1 11656 ----a-w- C:\Users\admin\AppData\Local\Temp\jrt\JRT.bat

2013-10-06 17:21:44 D69A075ABACDEB803121FD49E176906A 13748 ----a-w- C:\Users\admin\AppData\Local\Temp\jrt\get.bat

2013-10-06 17:21:44 BE9A93AB5FE6CAE1D6A78857B04F04FC 15330 ----a-w- C:\Users\admin\AppData\Local\Temp\jrt\chrome.bat

2013-10-06 17:21:44 B964B792D3692699CD7D4FDB63EE470E 1239 ----a-w- C:\Users\admin\AppData\Local\Temp\jrt\FWPolicy.bat

2013-10-06 17:21:44 80D02380F1AC33E459324B088392A1EC 732 ----a-w- C:\Users\admin\AppData\Local\Temp\jrt\ev_clear.bat

2013-10-06 17:21:44 6FA00F3154329484AE7CA523863F010F 38960 ----a-w- C:\Users\admin\AppData\Local\Temp\jrt\ask.bat

2013-10-06 17:21:44 6C966C77884990CE8F02799FF6227BB1 9486 ----a-w- C:\Users\admin\AppData\Local\Temp\jrt\modules.bat

2013-10-06 17:21:44 654E9FE74B930A454EE5BDE165794B65 85 ----a-w- C:\Users\admin\AppData\Local\Temp\jrt\delorphans.bat

2013-10-06 17:21:44 5738500CE82B28738D24E2B61B2842C3 219670 ----a-w- C:\Users\admin\AppData\Local\Temp\jrt\firefox.bat

2013-10-06 17:21:44 4C51096033E1B16985334794FAAA2FA6 1018 ----a-w- C:\Users\admin\AppData\Local\Temp\jrt\TDL4.bat

2013-10-06 17:21:44 1ACDFEB8A7A728A429476F11E7A24617 29141 ----a-w- C:\Users\admin\AppData\Local\Temp\jrt\iexplore.bat

2013-10-06 17:21:44 150B311890A68BB34170FBB4FAA733F5 6699 ----a-w- C:\Users\admin\AppData\Local\Temp\jrt\runvalues.bat

2013-10-06 17:21:44 14D6EE8B672684E2232FB430D8C4A928 18668 ----a-w- C:\Users\admin\AppData\Local\Temp\jrt\medfos.bat

2013-10-06 17:21:44 0768E560CCD86C18F35FAD29DCEA7B80 1820 ----a-w- C:\Users\admin\AppData\Local\Temp\jrt\delfolders.bat

2013-10-06 17:08:08 97D169AC1A8108BF4D1C62221D720790 631 ----a-w- C:\Users\admin\AppData\Local\Temp\Uninst.bat

2013-10-05 18:20:48 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MUMP2BVV\1.1.6.6[1].crx

2013-10-05 18:20:48 2D0E258C08354FA84E5CB5D312B8E83F 416279 ----a-w- C:\Users\admin\AppData\Local\Temp\eIntaller\D9BEF0DB04314e89A9974FCB72E7AD80\newtab.crx

2013-10-03 20:36:18 DB2F015354D322BF4EE005D4DD82DBA9 10249 ----a-w- C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\r10fm3x1.default\extensions\firefox@lemurleap.info.xpi

2013-10-03 20:36:18 DB2F015354D322BF4EE005D4DD82DBA9 10249 ----a-w- C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\hkky9amf.default\extensions\firefox@lemurleap.info.xpi

2013-10-03 09:31:24 7A638D872FA954A773CF4D54F3FCAB1C 17476 ----a-w- C:\Users\admin\AppData\Local\Temp\9F7289A5-BAB0-7891-B724-D00621E4D400\Latest\Delta.crx

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-779995794-2056842348-1647886699-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"Dictionary .NET"="C:\Users\admin\AppData\Local\Temp\Temp1_DictionaryNet.zip\Dictionary.exe -c"

"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe /background"

"Spotify Web Helper"="C:\Users\admin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

"WiFi Guard"="C:\Program Files\SoftPerfect WiFi Guard\WiFiGuard.exe /hide"

"SDP"="C:\Users\admin\AppData\Local\FilesFrog Update Checker\update_checker.exe /auto "

"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CLMLServer"="C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"

"UpdateP2GoShortCut"="C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe C:\Program Files\CyberLink\Power2Go UpdateWithCreateOnce SOFTWARE\CyberLink\Power2Go\6.0"

"RemoteControl9"="C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe"

"PDVD9LanguageShortcut"="C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe"

"BDRegion"="C:\Program Files\Cyberlink\Shared Files\brs.exe"

"UpdatePPShortCut"="C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe C:\Program Files\CyberLink\PowerProducer UpdateWithCreateOnce Software\CyberLink\PowerProducer\5.0"

"UpdatePSTShortCut"="C:\Program Files\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe C:\Program Files\CyberLink\Blu-ray Disc Suite UpdateWithCreateOnce Software\CyberLink\PowerStarter"

"VMware hqtray"="C:\Program Files\VMware\VMware Player\hqtray.exe"

"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"IgfxTray"="C:\Windows\system32\igfxtray.exe"

"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"

"Persistence"="C:\Windows\system32\igfxpers.exe"

"CanonSolutionMenuEx"="C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon"

"APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

"UnlockerAssistant"="C:\Program Files\Unlocker\UnlockerAssistant.exe"

"MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"

"PixelPlanet PdfPrinter-Monitor"="C:\Program Files\Common Files\PixelPlanet\PdfPrinter 6\PdfPrinterMonitor.exe"

"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"

"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"

"obkagent"="C:\Program Files\Bitdefender\Bitdefender Safepay\obkagent.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Dictionary .NET"="C:\Users\admin\AppData\Local\Temp\Temp1_DictionaryNet.zip\Dictionary.exe -c"

"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe /background"

"Spotify Web Helper"="C:\Users\admin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

"WiFi Guard"="C:\Program Files\SoftPerfect WiFi Guard\WiFiGuard.exe /hide"

"SDP"="C:\Users\admin\AppData\Local\FilesFrog Update Checker\update_checker.exe /auto "

"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"="c:\\progra~2\\bitguard\\261694~1.246\\{c16c1~1\\bitguard.dll "

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SpeedUpMyPC]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="SpeedUpMyPC"

"hkey"="HKCU"

"command"="\"C:\\Program Files\\Uniblue\\SpeedUpMyPC\\launcher.exe\" -d 20000 "

==== Startup Folders ======================

2013-01-09 22:29:44 1339 ----a-w- C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk

2013-02-02 18:05:37 1049 ----a-w- C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

2011-07-05 17:02:42 2031 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WG111v3 Smart Wizard.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [23/09/2013 18:11]

C:\Windows\tasks\GlaryInitialize.job --a------ C:\Program Files\Glary Utilities\initialize.exe [22/03/2010 13:03]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [07/11/2011 20:20]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [07/11/2011 20:20]

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]

"C:\Windows\system32\tasks\BitGuard" [C:\Windows\system32\sc.exe]

"C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]

"C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]

"C:\Windows\system32\tasks\EPUpdater" [C:\Users\admin\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe]

"C:\Windows\system32\tasks\GlaryInitialize" [C:\Program Files\Glary Utilities\initialize.exe]

"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]

"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]

"C:\Windows\system32\tasks\Open URL by RoboForm" [C:\Windows\system32\rundll32.exe url.dll,FileProtocolHandler "http://www.roboform.com/uninstall.html?aaa=KICMKMJJLMKMGMLMGMMJCNPMOJJJPMCNLMMMMMNJCNOJGMLJLMCNOMPMHMNMKMJJOMJMPMNMLJOJJNJICMIMCNLMCNOMFMGMCNPMCNHMOMOMNMFMJMCNOMCNIMJMPMOMCNNMJNPICMPMFMFMPMJNHICMMJBJKJLIMJJNBJCMOJLJCJGJBJJNKJCMJNNICMJNDJCMBJDJ"]

"C:\Windows\system32\tasks\RealUpgradeLogonTaskS-1-5-21-779995794-2056842348-1647886699-1000" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe]

"C:\Windows\system32\tasks\RealUpgradeScheduledTaskS-1-5-21-779995794-2056842348-1647886699-1000" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe]

"C:\Windows\system32\tasks\Run RoboForm TaskBar Icon" [C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe]

"C:\Windows\system32\tasks\User_Feed_Synchronization-{FA3CA16D-C6C1-4DBE-9567-DE3E8455D956}" [C:\Windows\system32\msfeedssync.exe]

"C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files\Apple Software Update\SoftwareUpdate.exe]

"C:\Windows\system32\tasks\WPD\SqmUpload_S-1-5-21-779995794-2056842348-1647886699-1000" [%windir%\system32\rundll32.exe portabledeviceapi.dll,#1]

==== Firefox Extensions ======================

ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\hkky9amf.default

- Belgium eID - C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be

- LyricsSay-1 - %ProfilePath%\extensions\71139f7b-cef2-4ada-9c60-25f887d7e2e1@5b129621-59ed-453c-9453-d7593ee48c04.com

- Delta Toolbar - %ProfilePath%\extensions\ffxtlbr@delta.com

- LemurLeap - %ProfilePath%\extensions\firefox@lemurleap.info

- FreeHDSport TV 3 - %ProfilePath%\extensions\fhdp3@freehdsp.tv.xpi

- LemurLeap - %ProfilePath%\extensions\firefox@lemurleap.info.xpi

- Thumbnail Zoom Plus - %ProfilePath%\extensions\thumbnailZoom@dadler.github.com.xpi

- Google Translator for Firefox - %ProfilePath%\extensions\translator@zoli.bod.xpi

- Picture Zoom Plus - %ProfilePath%\extensions\xxcessl0gycs@gmail.com.xpi

- ImTranslator - %ProfilePath%\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi

ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\r10fm3x1.default

- LemurLeap - %ProfilePath%\extensions\firefox@lemurleap.info.xpi

- Pocket - %ProfilePath%\extensions\isreaditlater@ideashower.com.xpi

- ImTranslator - %ProfilePath%\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi

AppDir: C:\Program Files\Mozilla Firefox

- Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be

- Undetermined - %AppDir%\extensions\ffxtlbr@babylon.com

==== Firefox Plugins ======================

Profilepath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\hkky9amf.default

D1DC265C3FF7F92B4A75A55B3749D48C - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin

E5AF72B7353FF8D431A7C463A4229524 - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll - Shockwave Flash

04ACC61B47857E779CD92D1D88770BF1 - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - Adobe Acrobat

77B09C2C6F407531447DA75E3ACD1C5B - C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll - Adobe Acrobat

101700E93EB905992B518256CB441829 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll - Google Update

7550FC1ADE982582D5920BEA6430E3D4 - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin

179B446B36562BA025F38A5B0760DBEA - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java Platform SE 7 U25

2EE9DCAE1D70ABF4D058688DE35F8221 - C:\Windows\system32\npdeployJava1.dll - Java Deployment Toolkit 7.0.250.16

BC601425BC360C12DF2277992C6D83D5 - C:\Program Files\QuickTime\Plugins\npqtplugin6.dll - QuickTime Plug-in 7.7.4

7B64C498A4E0958967EBD9439EE93DB4 - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.4

309817C5A02434365B0091021FD70610 - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.4

A0D9A846578582064F3D066B23CD2E55 - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.7.4

2871984886154973C810DAF2A9294510 - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.7.4

61EA5261198FD2431A4DD088569ED8D4 - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.7.4

F045DF7AF127DC4BCC53421850114E15 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll - Silverlight Plug-In

270EE43CC00609B9937AAF94E1E970D4 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll - iTunes Application Detector

C548328E9DE5EB73350EF292D7140662 - C:\Program Files\Google\Picasa3\npPicasa3.dll - Picasa

C517E5EA7CEE783F3681F62D2A362E5B - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live? Photo Gallery

7D28153B7D586330678AD522B71D89CB - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrlui.dll - Microsoft® Silverlight

15E298B5EC5B89C5994A59863969D9FF - C:\Windows\system32\npmproxy.dll - Microsoft® Windows® Operating System

Profilepath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\r10fm3x1.default

04ACC61B47857E779CD92D1D88770BF1 - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - Adobe Acrobat

77B09C2C6F407531447DA75E3ACD1C5B - C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll - Adobe Acrobat

D1DC265C3FF7F92B4A75A55B3749D48C - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin

BC601425BC360C12DF2277992C6D83D5 - C:\Program Files\QuickTime\Plugins\npqtplugin6.dll - QuickTime Plug-in 7.7.4

7B64C498A4E0958967EBD9439EE93DB4 - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.4

309817C5A02434365B0091021FD70610 - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.4

A0D9A846578582064F3D066B23CD2E55 - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.7.4

2871984886154973C810DAF2A9294510 - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.7.4

61EA5261198FD2431A4DD088569ED8D4 - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.7.4

270EE43CC00609B9937AAF94E1E970D4 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll - iTunes Application Detector

D0DA6B2FB50A0667CF4BACC2AEFEA009 - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll - Java Platform SE 7 U5

C548328E9DE5EB73350EF292D7140662 - C:\Program Files\Google\Picasa3\npPicasa3.dll - Picasa

C517E5EA7CEE783F3681F62D2A362E5B - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live? Photo Gallery

7550FC1ADE982582D5920BEA6430E3D4 - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

eooncjejnppfjjklapaamhcdmjbilmde - C:\Users\admin\AppData\Roaming\BabSolution\CR\Delta.crx[03/10/2013 11:31]

Delta Toolbar - admin - Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde

Add Lyrics - admin - Default\Extensions\kdlfddggdloaadnphbhejknhaggjaeld

DealPly Shopping - admin - Default\Extensions\mphpbdjcljebbcnfopfngmfdackbbdgf

LyricsSay-1 - admin - Default\Extensions\pbjcbkbcncfkoljakenekllbfdonhjef

==== IE Start and Search Settings ======================

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.delta-search.com/?babsrc=HP_ss&mntrId=9A84E091F523EA46&affID=125155&tsp=5027"

"Backup.Old.Start Page"="http://start.be/"

"bProtector Start Page"="http://www.delta-search.com/?babsrc=HP_ss&mntrId=9A84E091F523EA46&affID=125155&tsp=5027"

"Default_Page_URL"="http://www.google.com"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Default_Page_URL"="http://www.google.com"

"Start Page"="http://www.google.com"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{03051086-C7A4-0250-3C2A-1C3F4CACF451} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR"

{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} Delta Search Url="http://www.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=9A84E091F523EA46&affID=125155&tsp=5027"

{483830EE-A4CD-4b71-B0A3-3D82E62A6909} Unknown Url="Not_Found"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Unknown Url="Not_Found"

{80c554b9-c7f8-4a21-9471-06d606da78a2} Bing Url="http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE"

{F6909F06-51FF-4A24-92CD-9C55E832950B} Google Url="http://www.google.co.uk/search?hl=en&q={searchTerms}&meta=&rlz=1I7AURU_nlBE498"

==== HijackThis Entries ======================

O2 - BHO: LemurLeap - {415419c3-dad0-4df1-ac37-22c72ad81878} - C:\Program Files\LemurLeap\LemurLeapbho.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: (no name) - {ae48ed75-5a56-4c5f-bbce-6f1ac3875f66} - (no file)

O2 - BHO: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files\Delta\delta\1.8.24.6\bh\delta.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O3 - Toolbar: Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files\Delta\delta\1.8.24.6\deltaTlbr.dll

O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"

O4 - HKLM\..\Run: [updateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"

O4 - HKLM\..\Run: [RemoteControl9] "C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe"

O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe"

O4 - HKLM\..\Run: [bDRegion] C:\Program Files\Cyberlink\Shared Files\brs.exe

O4 - HKLM\..\Run: [updatePPShortCut] "C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerProducer" UpdateWithCreateOnce "Software\CyberLink\PowerProducer\5.0"

O4 - HKLM\..\Run: [updatePSTShortCut] "C:\Program Files\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Blu-ray Disc Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"

O4 - HKLM\..\Run: [VMware hqtray] "C:\Program Files\VMware\VMware Player\hqtray.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe

O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [unlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"

O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

O4 - HKLM\..\Run: [PixelPlanet PdfPrinter-Monitor] "C:\Program Files\Common Files\PixelPlanet\PdfPrinter 6\PdfPrinterMonitor.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [obkagent] "C:\Program Files\Bitdefender\Bitdefender Safepay\obkagent.exe"

O4 - HKCU\..\Run: [Dictionary .NET] "C:\Users\admin\AppData\Local\Temp\Temp1_DictionaryNet.zip\Dictionary.exe" -c

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\admin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [WiFi Guard] "C:\Program Files\SoftPerfect WiFi Guard\WiFiGuard.exe" /hide

O4 - HKCU\..\Run: [sDP] C:\Users\admin\AppData\Local\FilesFrog Update Checker\update_checker.exe /auto

O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Startup: Dropbox.lnk = admin\AppData\Roaming\Dropbox\bin\Dropbox.exe

O4 - Global Startup: NETGEAR WG111v3 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111v3\WG111v3.exe

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll

O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files\vmware\vmware player\vsocklib.dll

O10 - Unknown file in Winsock LSP: c:\program files\vmware\vmware player\vsocklib.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O15 - Trusted Zone: *.belfius.be

O16 - DPF: {10000000-1000-1000-1000-100000000000} - http://cdn.betteradvertising.com/ghostery/addons/ie/2.4.2.0/ghostery.cab

O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{25832E89-2212-4801-9B56-C58DB9542B63}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

O17 - HKLM\System\CCS\Services\Tcpip\..\{EEEDD743-E308-45AF-BC29-2D4D26515907}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O20 - AppInit_DLLs: c:\progra~2\bitguard\261694~1.246\{c16c1~1\bitguard.dll

O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: BitGuard - Unknown owner - C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: Safepay Service Agent (OBKSvc) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender Safepay\OBKSvc.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe

O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - C:\Program Files\VMware\VMware Player\vmware-ufad.exe

O23 - Service: Update LemurLeap - LemurLeap - C:\Program Files\LemurLeap\updateLemurLeap.exe

O23 - Service: Bitdefender Safepay Update Service (UPDATESRV_SAFEPAY) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender Safepay\updatesrv.exe

O23 - Service: Util LemurLeap - LemurLeap - C:\Program Files\LemurLeap\bin\utilLemurLeap.exe

O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Player\vmware-authd.exe

O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe

O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe

O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe

==== EOF on wo 09/10/2013 at 18:47:07,65 ======================


You did not run zoek.exe quite correctly, so the infections are still on your PC. The idea is to let zoek.exe work together with the filled-in box and the options, so that those items are removed automatically and some additional information is produced. Have another look at the instructions in the previous post ... and then try it that way. Your log will then look completely different and you should be rid of a number of the problem cases. Then attach this new log to your next post.


Zoek.exe Version 4.0.0.5 Updated 09-October-2013

Tool run by admin on vr 11/10/2013 at 20:48:17,55.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\admin\Documents\zoek-4\zoek.exe [Quick Scan] [Auto Clean]

==== Older Logs ======================

C:\zoek-results2013-10-09-164707.log 49411 bytes

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-779995794-2056842348-1647886699-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully

HKEY_USERS\S-1-5-21-779995794-2056842348-1647886699-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully

HKEY_USERS\S-1-5-21-779995794-2056842348-1647886699-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update LemurLeap deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Update LemurLeap deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Update LemurLeap deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Update LemurLeap deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BitGuard deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BitGuard deleted successfully

==== FireFox Fix ======================

ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\hkky9amf.default

---- Lines delta removed from prefs.js ----

user_pref("browser.newtab.url", "http://www.delta-search.com/?babsrc=NT_ss&mntrId=9A84E091F523EA46&affID=125155&tsp=5027");

user_pref("extensions.delta.admin", false);

user_pref("extensions.delta.aflt", "babsst");

user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");

user_pref("extensions.delta.autoRvrt", "false");

user_pref("extensions.delta.dfltLng", "nl");

user_pref("extensions.delta.excTlbr", false);

user_pref("extensions.delta.ffxUnstlRst", true);

user_pref("extensions.delta.id", "9a84de96000000000000e091f523ea46");

user_pref("extensions.delta.instlDay", "15984");

user_pref("extensions.delta.instlRef", "sst");

user_pref("extensions.delta.newTab", false);

user_pref("extensions.delta.prdct", "delta");

user_pref("extensions.delta.prtnrId", "delta");

user_pref("extensions.delta.rvrt", "false");

user_pref("extensions.delta.smplGrp", "none");

user_pref("extensions.delta.tlbrId", "base");

user_pref("extensions.delta.tlbrSrchUrl", "");

user_pref("extensions.delta.vrsn", "1.8.24.6");

user_pref("extensions.delta.vrsnTs", "1.8.24.621:49:43");

user_pref("extensions.delta.vrsni", "1.8.24.6");

user_pref("extensions.delta_i.babExt", "");

user_pref("extensions.delta_i.babTrack", "affID=125155&tsp=5027");

user_pref("extensions.delta_i.srcExt", "ss");

---- Lines delta modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"belgiumeid@eid.belgium.be\":{\"descriptor\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\extensions\\\\belgiumeid@eid.belgium.be\",\"mtime\":1379445472007,\"rdfTime\":1362744524000}}},{\"name\":\"app-global\",\"addons\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1379445493468,\"rdfTime\":1379445493203}}},{\"name\":\"app-profile\",\"addons\":{\"71139f7b-cef2-4ada-9c60-25f887d7e2e1@5b129621-59ed-453c-9453-d7593ee48c04.com\":{\"descriptor\":\"C:\\\\Users\\\\admin\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\hkky9amf.default\\\\extensions\\\\71139f7b-cef2-4ada-9c60-25f887d7e2e1@5b129621-59ed-453c-9453-d7593ee48c04.com\",\"mtime\":1381078347589,\"rdfTime\":1381072695988},\"ffxtlbr@delta.com\":{\"descriptor\":\"C:\\\\Users\\\\admin\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\hkky9amf.default\\\\extensions\\\\ffxtlbr@delta.com\",\"mtime\":1381088984110,\"rdfTime\":1352283188000},\"fhdp3@freehdsp.tv\":{\"descriptor\":\"C:\\\\Users\\\\admin\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\hkky9amf.default\\\\extensions\\\\fhdp3@freehdsp.tv.xpi\",\"mtime\":1372581844000},\"firefox@lemurleap.info\":{\"descriptor\":\"C:\\\\Users\\\\admin\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\hkky9amf.default\\\\extensions\\\\firefox@lemurleap.info.xpi\",\"mtime\":1380832578000},\"thumbnailZoom@dadler.github.com\":{\"descriptor\":\"C:\\\\Users\\\\admin\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\hkky9amf.default\\\\extensions\\\\thumbnailZoom@dadler.github.com.xpi\",\"mtime\":1380736035872},\"translator@zoli.bod\":{\"descriptor\":\"C:\\\\Users\\\\admin\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\hkky9amf.default\\\\extensions\\\\translator@zoli.bod.xpi\",\"mtime\":1373654786755},\"xxcessl0gycs@gmail.com\":{\"descriptor\":\"C:\\\\Users\\\\admin\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\hkky9amf.default\\\\extensions\\\\xxcessl0gycs@gmail.com.xpi\",\"mtime\":1375287466268},\"{9AA46F4F-4DC7-4c06-97AF-5035170634FE}\":{\"descriptor\":\"C:\\\\Users\\\\admin\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\hkky9amf.default\\\\extensions\\\\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi\",\"mtime\":1380993470247}}}]");

---- Lines delta removed from user.js ----

user_pref("extensions.delta.tlbrSrchUrl", "");

user_pref("extensions.delta.id", "9a84de96000000000000e091f523ea46");

user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");

user_pref("extensions.delta.instlDay", "15984");

user_pref("extensions.delta.vrsn", "1.8.24.6");

user_pref("extensions.delta.vrsni", "1.8.24.6");

user_pref("extensions.delta.vrsnTs", "1.8.24.621:49:43");

user_pref("extensions.delta.prtnrId", "delta");

user_pref("extensions.delta.prdct", "delta");

user_pref("extensions.delta.aflt", "babsst");

user_pref("extensions.delta.smplGrp", "none");

user_pref("extensions.delta.tlbrId", "base");

user_pref("extensions.delta.instlRef", "sst");

user_pref("extensions.delta.dfltLng", "nl");

user_pref("extensions.delta.excTlbr", false);

user_pref("extensions.delta.ffxUnstlRst", true);

user_pref("extensions.delta.admin", false);

user_pref("extensions.delta_i.babTrack", "affID=125155&tsp=5027");

user_pref("extensions.delta_i.babExt", "");

user_pref("extensions.delta_i.srcExt", "ss");

user_pref("extensions.delta.autoRvrt", "false");

user_pref("extensions.delta.rvrt", "false");

user_pref("extensions.delta.newTab", false);

---- Lines Lyric removed from prefs.js ----

user_pref("extensions.a71139f7bcef24ada9c6025f887d7e2e15b12962159ed453c9453d7593ee48c04com41552.41552.description", "LyricsSay will allow you to display lyrics for your favorite songs alongside any Youtube music video");

user_pref("extensions.a71139f7bcef24ada9c6025f887d7e2e15b12962159ed453c9453d7593ee48c04com41552.41552.name", "LyricsSay-1");

user_pref("extensions.a71139f7bcef24ada9c6025f887d7e2e15b12962159ed453c9453d7593ee48c04com41552.41552.publisher", "Lyrics");

---- Lines Lyric modified from prefs.js ----

---- Lines Lyric removed from user.js ----

---- Lines search.com removed from prefs.js ----

---- Lines search.com modified from prefs.js ----

---- Lines search.com removed from user.js ----

---- Lines freehdsp removed from prefs.js ----

user_pref("extensions.bootstrappedAddons", "{\"fhdp3@freehdsp.tv\":{\"version\":\"3.0\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Users\\\\admin\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\hkky9amf.default\\\\extensions\\\\fhdp3@freehdsp.tv.xpi\"}}");

---- Lines freehdsp modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"belgiumeid@eid.belgium.be\":{\"descriptor\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\extensions\\\\belgiumeid@eid.belgium.be\",\"mtime\":1379445472007,\"rdfTime\":1362744524000}}},{\"name\":\"app-global\",\"addons\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1379445493468,\"rdfTime\":1379445493203}}},{\"name\":\"app-profile\",\"addons\":{\"71139f7b-cef2-4ada-9c60-25f887d7e2e1@5b129621-59ed-453c-9453-d7593ee48c04.com\":{\"descriptor\":\"C:\\\\Users\\\\admin\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\hkky9amf.default\\\\extensions\\\\71139f7b-cef2-4ada-9c60-25f887d7e2e1@5b129621-59ed-453c-9453-d7593ee48c04.com\",\"mtime\":1381078347589,\"rdfTime\":1381072695988},\"ffxtlbr@disabled.com\":{\"descriptor\":\"C:\\\\Users\\\\admin\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\hkky9amf.default\\\\extensions\\\\ffxtlbr@disabled.com\",\"mtime\":1381088984110,\"rdfTime\":1352283188000},\"fhdp3@freehdsp.tv\":{\"descriptor\":\"C:\\\\Users\\\\admin\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\hkky9amf.default\\\\extensions\\\\fhdp3@freehdsp.tv.xpi\",\"mtime\":1372581844000},\"firefox@lemurleap.info\":{\"descriptor\":\"C:\\\\Users\\\\admin\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\hkky9amf.default\\\\extensions\\\\firefox@lemurleap.info.xpi\",\"mtime\":1380832578000},\"thumbnailZoom@dadler.github.com\":{\"descriptor\":\"C:\\\\Users\\\\admin\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\hkky9amf.default\\\\extensions\\\\thumbnailZoom@dadler.github.com.xpi\",\"mtime\":1380736035872},\"translator@zoli.bod\":{\"descriptor\":\"C:\\\\Users\\\\admin\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\hkky9amf.default\\\\extensions\\\\translator@zoli.bod.xpi\",\"mtime\":1373654786755},\"xxcessl0gycs@gmail.com\":{\"descriptor\":\"C:\\\\Users\\\\admin\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\hkky9amf.default\\\\extensions\\\\xxcessl0gycs@gmail.com.xpi\",\"mtime\":1375287466268},\"{9AA46F4F-4DC7-4c06-97AF-5035170634FE}\":{\"descriptor\":\"C:\\\\Users\\\\admin\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\hkky9amf.default\\\\extensions\\\\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi\",\"mtime\":1380993470247}}}]");

---- Lines freehdsp removed from user.js ----

---- FireFox user.js and prefs.js backups ----

user_20131110_2105_.backup

prefs_20131110_2105_.backup

ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\r10fm3x1.default

---- Lines delta removed from prefs.js ----

---- Lines delta modified from prefs.js ----

---- Lines delta removed from user.js ----

---- Lines Lyric removed from prefs.js ----

---- Lines Lyric modified from prefs.js ----

---- Lines Lyric removed from user.js ----

---- Lines search.com removed from prefs.js ----

---- Lines search.com modified from prefs.js ----

---- Lines search.com removed from user.js ----

---- Lines freehdsp removed from prefs.js ----

---- Lines freehdsp modified from prefs.js ----

---- Lines freehdsp removed from user.js ----

---- FireFox user.js and prefs.js backups ----

user_20131110_2105_.backup

prefs_20131110_2105_.backup

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command]

@="C:\\Program Files\\Mozilla Firefox\\firefox.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command]

@="C:\\Program Files\\Internet Explorer\\iexplore.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"bProtector Start Page"=-

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"bProtectorDefaultScope"=-

==== Deleting Files \ Folders ======================

"C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\hkky9amf.default\extensions\fhdp3@freehdsp.tv.xpi" deleted

"C:\Users\admin\Downloads\SoftonicDownloader_voor_free-youtube-downloader.exe" deleted

"C:\Users\admin\Downloads\SoftonicDownloader_voor_youtube-song-downloader.exe" deleted

"C:\Windows\system32\Tasks\EPUpdater" deleted

"C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\hkky9amf.default\searchplugins\ask-search.xml" deleted

"C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\hkky9amf.default\searchplugins\ask-search.xml" deleted

"C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\hkky9amf.default\bProtector_extensions.sqlite" deleted

"C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\hkky9amf.default\bProtector_prefs.js" deleted

"C:\Users\Public\Desktop\Free YouTube Downloader.lnk" deleted

"C:\Users\Public\Desktop\YouTube Song Downloader.lnk" deleted

"C:\Program Files\LemurLeap\updateLemurLeap.exe" deleted

"C:\Users\admin\AppData\Local\FilesFrog Update Checker\update_checker.exe" deleted

"C:\Users\admin\AppData\Local\FilesFrog Update Checker\update_checker.exe" deleted

"C:\Program Files\LemurLeap\bin\utilLemurLeap.exe" deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.dll" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.settings" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\bl" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\dm" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\uninstall.exe" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\00" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\01" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\02" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\03" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\10" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\11" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\12" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\13" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\20" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\21" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\22" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\23" not deleted

"C:\Users\admin\AppData\Roaming\FMZilla" deleted

"C:\Users\admin\AppData\Roaming\GrabPro" deleted

"C:\Users\admin\AppData\Roaming\Samsung" deleted

"C:\Program Files\FirstRowSportApp.com" deleted

"C:\Program Files\Mozilla Firefox\extensions\ffxtlbr@babylon.com" deleted

"C:\Program Files\Delta" deleted

"C:\Program Files\DealPlyLive" deleted

"C:\Program Files\LemurLeap" not deleted

"C:\Program Files\MyPC Backup" deleted

"C:\Users\admin\AppData\Roaming\Uniblue" deleted

"C:\Users\admin\AppData\Roaming\Uniblue\SpeedUpMyPC" deleted

"C:\Users\admin\AppData\Roaming\BabSolution" deleted

"C:\Users\admin\AppData\Roaming\Babylon" deleted

"C:\Users\admin\PP_MOTION.TMP" deleted

"C:\Users\admin\PP_ROTATE_SLIDE.TMP" deleted

"C:\ProgramData\AskPartnerNetwork" deleted

"C:\ProgramData\BitGuard" not deleted

"C:\ProgramData\DealPlyLive" deleted

"C:\ProgramData\DSearchLink" deleted

"C:\ProgramData\InstallMate" deleted

"C:\ProgramData\Babylon" deleted

"C:\Users\admin\AppData\Local\FilesFrog Update Checker" deleted

"C:\Users\admin\AppData\Local\Lollipop" deleted

"C:\Users\admin\AppData\Local\FilesFrog Update Checker" deleted

"C:\Users\admin\AppData\Local\DealPlyLive" deleted

"C:\Users\admin\AppData\Local\PackageAware" deleted

"C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard" deleted

"C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FirstRowSportApp.com" deleted

"C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker" deleted

"C:\Users\admin\AppData\LocalLow\Delta" deleted

"C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\hkky9amf.default\jetpack" deleted

"C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\hkky9amf.default\extensions\ffxtlbr@delta.com" deleted

"C:\Program Files\LemurLeap\bin" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}" not deleted

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings" not deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\admin\AppData\Local\Temp ====

2013-10-06 19:57:53 C78539208554BDF5B49D6A17C7965853 175208 ----a-w- C:\Users\admin\AppData\Local\Temp\LemurLeap_sm.exe

2013-10-06 19:49:23 B212865E7E478A28A97268F960079A8D 132096 ----a-w- C:\Users\admin\AppData\Local\Temp\9F7289A5-BAB0-7891-B724-D00621E4D400\Latest\BExternal.dll

2013-10-06 19:49:23 A21DE5067618D4F2DF261416315ED120 6144 ----a-w- C:\Users\admin\AppData\Local\Temp\9F7289A5-BAB0-7891-B724-D00621E4D400\Latest\IEHelper.dll

2013-10-06 19:49:23 0F66E8E2340569FB17E774DAC2010E31 520234 ----a-w- C:\Users\admin\AppData\Local\Temp\9F7289A5-BAB0-7891-B724-D00621E4D400\Latest\sqlite3.dll

2013-10-06 19:49:03 8B64BCD9EAF292636E68CA78C6DE79D4 5668624 ----a-w- C:\Users\admin\AppData\Local\Temp\{2CDC3929-2938-4A98-BB25-93C91963FEBB}\setup.exe

2013-10-06 19:48:30 2F5252E50745E47DB355B005725DAE05 327880 ----a-w- C:\Users\admin\AppData\Local\Temp\appshat-distribution.exe

2013-10-06 19:48:28 D3197FAE11B8307F0F52343142709D77 836708 ----a-w- C:\Users\admin\AppData\Local\Temp\DeltaTB.exe

2013-10-06 19:47:56 FBE369DF3B3D51CB874535FAA3B3EBEA 5807696 ----a-w- C:\Users\admin\AppData\Local\Temp\OptimizerPro.exe

2013-10-06 19:47:49 83087F025194693DFF3A0F22E6A4AE96 196376 ----a-w- C:\Users\admin\AppData\Local\Temp\UpdateCheckerSetup.exe

2013-10-06 17:21:46 2E0323A94915FAAB10A25F3BABF82584 157696 ----a-w- C:\Users\admin\AppData\Local\Temp\jrt\erunt\ERUNT.EXE

2013-10-06 17:07:32 2B8FB03BF38CB33A98D804CFDC2BB2C0 258560 ----atw- C:\Users\admin\AppData\Local\Temp\ins70\ins70.exe

2013-10-06 17:02:47 5689D43C3B201DD3810FA3BBA4A6476A 4216840 ----a-w- C:\Users\admin\AppData\Local\Temp\vcredist_x86.exe

2013-10-06 17:02:39 858D895AD40DE9779E78C39A116F9553 10355400 ----a-w- C:\Users\admin\AppData\Local\Temp\BackupSetup.exe

2013-10-06 15:18:29 8B64BCD9EAF292636E68CA78C6DE79D4 5668624 ----a-w- C:\Users\admin\AppData\Local\Temp\{1C351DDC-B7FD-4598-8CE0-BB7A2ED701AD}\setup.exe

2013-10-06 15:17:47 8F8138B6D2B9428C388E763347C515A8 5514432 ----a-w- C:\Users\admin\AppData\Local\Temp\ins1197\LyricsSay_1060-8002_v122.exe

2013-10-06 12:36:31 84126D8FA81D231E1DEFD8D0906F8D70 45827664 ----a-w- C:\Users\admin\AppData\Local\Temp\SHSetup.exe

2013-10-05 18:19:44 663C0061B5141CBFA401E578C36F129C 12612850 ----a-w- C:\Users\admin\AppData\Local\Temp\is1244477948\4806171_Setup.EXE

====== Java Cache =====

====== C:\Windows\system32 =====

2013-10-09 21:42:58 E02C01EB0ED522327AFF3BE5CBCF6017 690688 ----a-w- C:\Windows\System32\jscript.dll

2013-10-09 21:42:58 351B1A5B8A02A59DD29D122B0D231FA6 2706432 ----a-w- C:\Windows\System32\mshtml.tlb

2013-10-09 21:42:57 DC7DB5BC0E2D135103730E08FE1C540D 39424 ----a-w- C:\Windows\System32\jsproxy.dll

2013-10-09 21:42:57 5A847E98EAF032928E67EE52DE08952D 2876928 ----a-w- C:\Windows\System32\jscript9.dll

2013-10-09 21:42:56 BE8F3297A0BC3D3E3B66D9A45F64F0B9 61440 ----a-w- C:\Windows\System32\iesetup.dll

2013-10-09 21:42:56 5E775F0C365F01A8A7382BBEFC4A53A5 391168 ----a-w- C:\Windows\System32\ieui.dll

2013-10-09 21:42:55 E8433E4E65BDFB35DE5C2BFF745F1386 42496 ----a-w- C:\Windows\System32\ie4uinit.exe

2013-10-09 21:42:55 883C0D3A22CE87A3203CD5518EBB5758 493056 ----a-w- C:\Windows\System32\msfeeds.dll

2013-10-09 21:42:55 6E9013E3D112E26A42EC057CAE990649 109056 ----a-w- C:\Windows\System32\iesysprep.dll

2013-10-09 21:42:55 61DC3F2BE3093FE22CD717260946D7AD 1141248 ----a-w- C:\Windows\System32\urlmon.dll

2013-10-09 21:42:55 58A43D9DFFF91C1457EC47BDCF969B59 71680 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe

2013-10-09 21:42:55 556F70EDECE99CCD64C7D8897F3264F4 33280 ----a-w- C:\Windows\System32\iernonce.dll

2013-10-09 21:42:54 122B216B091D06F672CC8D331128FB06 2048512 ----a-w- C:\Windows\System32\iertutil.dll

2013-10-09 21:42:53 E4FEB264B47360B7296AEA4E052F88D8 1767936 ----a-w- C:\Windows\System32\wininet.dll

2013-10-09 21:42:52 8F5EAAF76A6811332A8C67DB0D4C395F 13761024 ----a-w- C:\Windows\System32\ieframe.dll

2013-10-09 21:42:50 A7221924181C8EB92B64C5A2D888BEA5 14335488 ----a-w- C:\Windows\System32\mshtml.dll

2013-10-09 16:39:39 75F5E1FE8D55CF8E577E0EC5F2290D3F 530432 ----a-w- C:\Windows\System32\comctl32.dll

2013-10-09 16:39:13 E94C583CDE2348950155F2AF2876F34D 231424 ----a-w- C:\Windows\System32\mswsock.dll

2013-10-09 16:39:02 813A7F5A2D6D366EB3FFB643B851BCE5 3914176 ----a-w- C:\Windows\System32\ntoskrnl.exe

2013-10-09 16:39:02 482C8CD985C727C7C78A5E9B320947F0 3969472 ----a-w- C:\Windows\System32\ntkrnlpa.exe

2013-10-09 16:39:01 E0B8C6B1EA1EF94747E966E9093FB968 1289096 ----a-w- C:\Windows\System32\ntdll.dll

2013-10-09 16:39:01 D67472125471784DE7147946EDA25FEB 640512 ----a-w- C:\Windows\System32\advapi32.dll

2013-10-09 16:39:01 401D25136E26B237D77DA1BF1198B3BD 619520 ----a-w- C:\Windows\System32\tdh.dll

2013-10-09 16:39:00 2A01B40C8334A8124001CFAC256FCA83 102608 ----a-w- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll

2013-10-09 16:38:59 F632602316001D517F4EF3B53B9A6C33 26112 ----a-w- C:\Windows\System32\lpk.dll

2013-10-09 16:38:59 8CC4638FA7B5B921B9080CF962582C0B 70656 ----a-w- C:\Windows\System32\fontsub.dll

2013-10-09 16:38:59 7D27E63B54DB093BB0D9E95F81094D75 34304 ----a-w- C:\Windows\System32\atmlib.dll

2013-10-09 16:38:59 5C6B44F9CAAC475B7B9EBBC29CB7F065 295424 ----a-w- C:\Windows\System32\atmfd.dll

2013-10-09 16:38:59 2342EC9254F4C60CA98441BD65C89E12 10240 ----a-w- C:\Windows\System32\dciman32.dll

2013-10-09 16:38:57 E2ED66FAF894F545EB083AC5F5763854 434688 ----a-w- C:\Windows\System32\scavengeui.dll

2013-10-09 16:38:55 445C354D772DFEBF46F73078C8C2C797 2348544 ----a-w- C:\Windows\System32\win32k.sys

2013-10-09 16:38:53 EAF4712B706936C0B10D3B5319B37E81 81920 ----a-w- C:\Windows\System32\davclnt.dll

2013-10-09 16:38:53 75E8EBD7040CE238684333F97014762A 205824 ----a-w- C:\Windows\System32\WebClnt.dll

====== C:\Windows\system32\drivers =====

2013-10-09 16:39:15 FDA6F2BB7FA034D95863ED8788B4E416 284672 ----a-w- C:\Windows\System32\drivers\usbport.sys

2013-10-09 16:39:15 FC6B21DB4B5B398AB93DBE59CBF11036 36352 ----a-w- C:\Windows\System32\drivers\usbscan.sys

2013-10-09 16:39:15 F1B27299F547D452EDAEF01FC187CB91 25728 ----a-w- C:\Windows\System32\drivers\hidparse.sys

2013-10-09 16:39:15 DCDF9855145A14DFCA0AB32308871961 20480 ----a-w- C:\Windows\System32\drivers\usbohci.sys

2013-10-09 16:39:15 C4FB8E7ADEA9B5CEEA885A1B504B7E40 43008 ----a-w- C:\Windows\System32\drivers\usbehci.sys

2013-10-09 16:39:15 8E51D04175BAA14C4F79AA5F6D248770 24064 ----a-w- C:\Windows\System32\drivers\usbuhci.sys

2013-10-09 16:39:15 86AA95ACB611001E26CD2C0145F2225A 258560 ----a-w- C:\Windows\System32\drivers\usbhub.sys

2013-10-09 16:39:15 71D97F1A3CC47A56728F7A400A3F8295 76288 ----a-w- C:\Windows\System32\drivers\usbccgp.sys

2013-10-09 16:39:15 6FB17D7A2E76B838886E5E8C60239DAE 6016 ----a-w- C:\Windows\System32\drivers\usbd.sys

2013-10-09 16:39:15 50ABE682EBE752EAF62B18790D6D491C 55808 ----a-w- C:\Windows\System32\drivers\hidclass.sys

2013-10-09 16:39:14 71BC35067CABC02C9453AEAA42B2E43E 729024 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys

2013-10-09 16:39:13 F81BB7E487EDCEAB630A7EE66CF23913 338944 ----a-w- C:\Windows\System32\drivers\afd.sys

2013-10-09 16:39:13 CA59F7C570AF70BC174F477CFE2D9EE3 1294272 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2013-10-09 16:38:53 21F4B24ACFC79A483515BD986DD9043F 115712 ----a-w- C:\Windows\System32\drivers\mrxdav.sys

2013-10-09 16:38:51 2352AB5F9F8F097BF9D41D5A4718A041 86016 ----a-w- C:\Windows\System32\drivers\usbcir.sys

2013-10-09 16:38:50 25944D2CC49E0A6C581D02A74B7D6645 527064 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys

====== C:\Windows\Tasks ======

2013-10-11 19:06:18 8889EDA9304F46BAC999043DE518B656 3420 ----a-w- C:\Windows\system32\Tasks\BitGuard

====== C:\Windows\Temp ======

======= C:\Program Files =====

2013-10-06 19:58:04 -------- d-----w- C:\Program Files\LemurLeap

2013-10-06 19:50:50 -------- d-----w- C:\Program Files\Free YouTube Downloader

2013-10-06 12:39:06 -------- d-----w- C:\Program Files\Enigma Software Group

2013-10-06 12:37:28 -------- d-----w- C:\Program Files\Common Files\Wise Installation Wizard

2013-10-05 17:35:12 -------- d-----w- C:\Program Files\EuroSoft Software Development

2013-09-30 17:56:49 -------- d-----w- C:\Program Files\QuotePad

======= C: =====

2013-10-06 17:09:15 75F2BAE6F0A523209B2EA8CCABF33BB9 2010 ----a-w- C:\AdwCleaner[s3].txt

2013-10-06 17:08:50 7841A80AC041A9B5E432EE78F8840163 1828 ----a-w- C:\AdwCleaner[R5].txt

2013-10-06 17:08:24 715E41690F71B2CA7B87740105BCD904 1768 ----a-w- C:\AdwCleaner[R4].txt

====== C:\Users\admin\AppData\Roaming ======

2013-10-09 21:27:08 D0615D4F3B1CEA3C49EFC9A0B3C4B796 843 ----a-w- C:\Users\admin\AppData\Local\recently-used.xbel

2013-10-06 17:11:13 0A9CA826D4673751A22C4AB1D2CBD644 70248 ----a-w- C:\Windows\system32\config\systemprofile\AppData\Local\GDIPFONTCACHEV1.DAT

2013-09-30 17:57:01 -------- d-----w- C:\Users\admin\AppData\Roaming\QuotePad

2013-09-28 20:39:13 -------- d-----w- C:\Users\admin\AppData\Roaming\vlc

====== C:\Users\admin ======

2013-10-08 17:36:48 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\admin\Downloads\RSIT.exe

2013-10-08 16:07:43 1AFAB6EE6F3EA3456E8F5560CD28DCA2 1855072 ----a-w- C:\Users\admin\Downloads\iview436_setup.exe

2013-10-06 19:50:53 FAEDFE66CF96784098C9B7B1F405EF12 1582 ----a-w- C:\ProgramData\Booking.ico

2013-10-06 19:49:38 -------- d-----w- C:\ProgramData\BitGuard

2013-10-06 17:21:38 748835EA85085D2B89A5891FA588577D 559035 ----a-w- C:\Users\admin\Downloads\JRT.exe

2013-10-06 17:21:07 9CAEC4452CB20FD0BCF56868B94B96C9 592856 ----a-w- C:\Users\admin\Downloads\cbsidlm-tr1_15-Junkware_Removal_Tool-ORG-75910255.exe

2013-10-06 17:07:11 86229B2082FC763D7803CC2D9ABFB551 168760 ----a-w- C:\Users\admin\Downloads\AdwCleaner.exe

2013-10-06 15:18:02 96030AE285C32ECCD1C599F1C5DD2BEF 581957 ----a-w- C:\Users\admin\Desktop\AdwCleaner_1.606_En.exe

2013-10-06 12:36:06 848278CBD6DDA4EF4E832FB92428EEC0 728960 ----a-w- C:\Users\admin\Downloads\SpyHunter-Installer.exe

2013-10-05 17:33:29 15F56193D25FBCEBED9E431629976C78 7854369 ----a-w- C:\Users\admin\Downloads\adresses.exe

2013-09-30 17:56:50 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuotePad

2013-09-28 20:38:40 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN

2013-09-28 20:36:17 8BEB1A5BC7EF0E2A2D7EB44B74A2ADE7 24278649 ----a-w- C:\Users\admin\Downloads\vlc-2.1.0-win32.exe

====== C: exe-files ==

2013-10-11 19:07:47 F422BB58E93A0451A5ADE8BC34E1FAEA 65312 ----a-w- C:\Program Files\LemurLeap\updateLemurLeap.exe

2013-10-09 21:42:55 E8433E4E65BDFB35DE5C2BFF745F1386 42496 ----a-w- C:\Windows\System32\ie4uinit.exe

2013-10-09 21:42:55 58A43D9DFFF91C1457EC47BDCF969B59 71680 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe

2013-10-09 21:42:53 D6B7DDB68436F13C3CAE2B92524F1FEC 770648 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe

2013-10-09 16:39:02 813A7F5A2D6D366EB3FFB643B851BCE5 3914176 ----a-w- C:\Windows\System32\ntoskrnl.exe

2013-10-09 16:39:02 482C8CD985C727C7C78A5E9B320947F0 3969472 ----a-w- C:\Windows\System32\ntkrnlpa.exe

2013-10-08 17:37:19 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\Trend Micro\admin.exe

2013-10-08 17:36:48 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\admin\Downloads\RSIT.exe

2013-10-08 16:07:43 1AFAB6EE6F3EA3456E8F5560CD28DCA2 1855072 ----a-w- C:\Users\admin\Downloads\iview436_setup.exe

2013-10-06 19:58:39 C5A2D6DAFEA3E584BA34AE0BA86A4625 1300709 ----a-w- C:\Program Files\Free YouTube Downloader\unins000.exe

2013-10-06 19:58:00 ED8B665B985FE5A8ED1DB3BF73BBDE32 835176 ----a-w- C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MUMP2BVV\Setup[1].exe

2013-10-06 19:57:53 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YMASSJ0P\LemurLeap_sm[1].exe

2013-10-06 19:57:53 C78539208554BDF5B49D6A17C7965853 175208 ----a-w- C:\Users\admin\AppData\Local\Temp\LemurLeap_sm.exe

2013-10-06 19:50:52 FDCEB7AADDF48AB011561FC4974337D5 191488 ----a-w- C:\Program Files\Free YouTube Downloader\YouTubeDownloader.exe

2013-10-06 19:50:52 BE758B90DF515250BA0E01C1395B5DE7 11608 ----a-w- C:\Program Files\Free YouTube Downloader\YouTubeDownloader.vshost.exe

2013-10-06 19:50:50 2A6F93C43DAFD471317DA13CAC71668A 12265472 ----a-w- C:\Program Files\Free YouTube Downloader\ffmpeg.exe

2013-10-06 19:50:06 96463F3FABD45032F02DA0437686B8BA 785048 ----a-w- C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZPWEQ1P2\minibar-core[1].exe

2013-10-06 19:49:49 425622F8DB2694C34D1908A77612ACFC 2845664 ----a-w- C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\uninstall.exe

2013-10-06 19:49:47 425622F8DB2694C34D1908A77612ACFC 2845664 ----a-w- C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe

2013-10-06 19:49:03 8B64BCD9EAF292636E68CA78C6DE79D4 5668624 ----a-w- C:\Users\admin\AppData\Local\Temp\{2CDC3929-2938-4A98-BB25-93C91963FEBB}\setup.exe

2013-10-06 19:48:34 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZPWEQ1P2\FreeYouTubeDownloaderSetupToolbarFree[1].exe

2013-10-06 19:48:30 2F5252E50745E47DB355B005725DAE05 327880 ----a-w- C:\Users\admin\AppData\Local\Temp\appshat-distribution.exe

2013-10-06 19:48:29 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FS5VYW5Q\appshat-distribution[1].exe

2013-10-06 19:48:28 D3197FAE11B8307F0F52343142709D77 836708 ----a-w- C:\Users\admin\AppData\Local\Temp\DeltaTB.exe

2013-10-06 19:48:27 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YMASSJ0P\DeltaTB[1].exe

2013-10-06 19:47:56 FBE369DF3B3D51CB874535FAA3B3EBEA 5807696 ----a-w- C:\Users\admin\AppData\Local\Temp\OptimizerPro.exe

2013-10-06 19:47:54 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1M770M6R\OptimizerPro[1].exe

2013-10-06 19:47:53 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5GINKTKT\LollipopInstaller_14693[1].exe

2013-10-06 19:47:49 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A39I58X3\UpdateCheckerSetup[1].exe

2013-10-06 19:47:49 83087F025194693DFF3A0F22E6A4AE96 196376 ----a-w- C:\Users\admin\AppData\Local\Temp\UpdateCheckerSetup.exe

2013-10-06 17:21:46 2E0323A94915FAAB10A25F3BABF82584 157696 ----a-w- C:\Users\admin\AppData\Local\Temp\jrt\erunt\ERUNT.EXE

2013-10-06 17:21:38 748835EA85085D2B89A5891FA588577D 559035 ----a-w- C:\Users\admin\Downloads\JRT.exe

2013-10-06 17:21:07 9CAEC4452CB20FD0BCF56868B94B96C9 592856 ----a-w- C:\Users\admin\Downloads\cbsidlm-tr1_15-Junkware_Removal_Tool-ORG-75910255.exe

2013-10-06 17:07:32 2B8FB03BF38CB33A98D804CFDC2BB2C0 258560 ----atw- C:\Users\admin\AppData\Local\Temp\ins70\ins70.exe

2013-10-06 17:07:11 86229B2082FC763D7803CC2D9ABFB551 168760 ----a-w- C:\Users\admin\Downloads\AdwCleaner.exe

2013-10-06 17:02:47 5689D43C3B201DD3810FA3BBA4A6476A 4216840 ----a-w- C:\Users\admin\AppData\Local\Temp\vcredist_x86.exe

2013-10-06 17:02:39 858D895AD40DE9779E78C39A116F9553 10355400 ----a-w- C:\Users\admin\AppData\Local\Temp\BackupSetup.exe

2013-10-06 15:18:29 8B64BCD9EAF292636E68CA78C6DE79D4 5668624 ----a-w- C:\Users\admin\AppData\Local\Temp\{1C351DDC-B7FD-4598-8CE0-BB7A2ED701AD}\setup.exe

2013-10-06 15:18:02 96030AE285C32ECCD1C599F1C5DD2BEF 581957 ----a-w- C:\Users\admin\Desktop\AdwCleaner_1.606_En.exe

2013-10-06 15:17:47 8F8138B6D2B9428C388E763347C515A8 5514432 ----a-w- C:\Users\admin\AppData\Local\Temp\ins1197\LyricsSay_1060-8002_v122.exe

2013-10-06 15:17:40 2CEB3D1FEA2D286AAFF83C879235DCCF 890704 ----a-w- C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A39I58X3\Setup[1].exe

2013-10-06 13:07:54 6B110E925294547A7D288F26DA19D199 179687 ----a-w- C:\Windows\DB847E94446B49E0AC5DC5627EC8B0C0.TMP\WiseCustomCalla18.exe

2013-10-06 12:37:38 2349274E327CAC32501C93AE37E16B48 180934 ----a-w- C:\Windows\DB847E94446B49E0AC5DC5627EC8B0C0.TMP\WiseCustomCalla21.exe

2013-10-06 12:36:31 84126D8FA81D231E1DEFD8D0906F8D70 45827664 ----a-w- C:\Users\admin\AppData\Local\Temp\SHSetup.exe

2013-10-06 12:36:06 848278CBD6DDA4EF4E832FB92428EEC0 728960 ----a-w- C:\Users\admin\Downloads\SpyHunter-Installer.exe

2013-10-05 18:19:44 663C0061B5141CBFA401E578C36F129C 12612850 ----a-w- C:\Users\admin\AppData\Local\Temp\is1244477948\4806171_Setup.EXE

2013-10-05 17:33:29 15F56193D25FBCEBED9E431629976C78 7854369 ----a-w- C:\Users\admin\Downloads\adresses.exe

2013-10-04 20:05:20 4CFCD3F168F5333FFDD44BC64491A267 521216 ----a-w- C:\Users\admin\AppData\Roaming\Spotify\Data\SpotifyHelper.exe

=== C: other files ==

2013-10-09 16:39:15 FDA6F2BB7FA034D95863ED8788B4E416 284672 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_12acda10f5c2fedf\usbport.sys

2013-10-09 16:39:15 FDA6F2BB7FA034D95863ED8788B4E416 284672 ----a-w- C:\Windows\System32\drivers\usbport.sys

2013-10-09 16:39:15 FC6B21DB4B5B398AB93DBE59CBF11036 36352 ----a-w- C:\Windows\System32\DriverStore\FileRepository\sti.inf_x86_neutral_24eb5587941b03fb\usbscan.sys

2013-10-09 16:39:15 FC6B21DB4B5B398AB93DBE59CBF11036 36352 ----a-w- C:\Windows\System32\drivers\usbscan.sys

2013-10-09 16:39:15 F1B27299F547D452EDAEF01FC187CB91 25728 ----a-w- C:\Windows\System32\DriverStore\FileRepository\input.inf_x86_neutral_1436b88c77b8881d\hidparse.sys

2013-10-09 16:39:15 F1B27299F547D452EDAEF01FC187CB91 25728 ----a-w- C:\Windows\System32\drivers\hidparse.sys

2013-10-09 16:39:15 DCDF9855145A14DFCA0AB32308871961 20480 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_12acda10f5c2fedf\usbohci.sys

2013-10-09 16:39:15 DCDF9855145A14DFCA0AB32308871961 20480 ----a-w- C:\Windows\System32\drivers\usbohci.sys

2013-10-09 16:39:15 C4FB8E7ADEA9B5CEEA885A1B504B7E40 43008 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_12acda10f5c2fedf\usbehci.sys

2013-10-09 16:39:15 C4FB8E7ADEA9B5CEEA885A1B504B7E40 43008 ----a-w- C:\Windows\System32\drivers\usbehci.sys

2013-10-09 16:39:15 8E51D04175BAA14C4F79AA5F6D248770 24064 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_12acda10f5c2fedf\usbuhci.sys

2013-10-09 16:39:15 8E51D04175BAA14C4F79AA5F6D248770 24064 ----a-w- C:\Windows\System32\drivers\usbuhci.sys

2013-10-09 16:39:15 86AA95ACB611001E26CD2C0145F2225A 258560 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_12acda10f5c2fedf\usbhub.sys

2013-10-09 16:39:15 86AA95ACB611001E26CD2C0145F2225A 258560 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usb.inf_x86_neutral_ef2e2e69da5c57df\usbhub.sys

2013-10-09 16:39:15 86AA95ACB611001E26CD2C0145F2225A 258560 ----a-w- C:\Windows\System32\drivers\usbhub.sys

2013-10-09 16:39:15 71D97F1A3CC47A56728F7A400A3F8295 76288 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usb.inf_x86_neutral_ef2e2e69da5c57df\usbccgp.sys

2013-10-09 16:39:15 71D97F1A3CC47A56728F7A400A3F8295 76288 ----a-w- C:\Windows\System32\drivers\usbccgp.sys

2013-10-09 16:39:15 6FB17D7A2E76B838886E5E8C60239DAE 6016 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_12acda10f5c2fedf\usbd.sys

2013-10-09 16:39:15 6FB17D7A2E76B838886E5E8C60239DAE 6016 ----a-w- C:\Windows\System32\drivers\usbd.sys

2013-10-09 16:39:15 50ABE682EBE752EAF62B18790D6D491C 55808 ----a-w- C:\Windows\System32\DriverStore\FileRepository\input.inf_x86_neutral_1436b88c77b8881d\hidclass.sys

2013-10-09 16:39:15 50ABE682EBE752EAF62B18790D6D491C 55808 ----a-w- C:\Windows\System32\drivers\hidclass.sys

2013-10-09 16:39:14 71BC35067CABC02C9453AEAA42B2E43E 729024 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys

2013-10-09 16:39:13 F81BB7E487EDCEAB630A7EE66CF23913 338944 ----a-w- C:\Windows\System32\drivers\afd.sys

2013-10-09 16:39:13 CA59F7C570AF70BC174F477CFE2D9EE3 1294272 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2013-10-09 16:39:08 007C0C8D5B01D82ACEB70431D15083F6 28160 ----a-w- C:\Windows\System32\DriverStore\FileRepository\mdmcpq.inf_x86_neutral_1965855805a8e768\usbser.sys

2013-10-09 16:38:55 445C354D772DFEBF46F73078C8C2C797 2348544 ----a-w- C:\Windows\System32\win32k.sys

2013-10-09 16:38:53 21F4B24ACFC79A483515BD986DD9043F 115712 ----a-w- C:\Windows\System32\drivers\mrxdav.sys

2013-10-09 16:38:51 DE014425522610BEDCA3821BB8C0F1D5 146816 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbvideo.inf_x86_neutral_b63436395ec126b7\usbvideo.sys

2013-10-09 16:38:51 A1977C315BF5691DA99235AA4A6907AF 80896 ----a-w- C:\Windows\System32\DriverStore\FileRepository\wdma_usb.inf_x86_neutral_8583111d879ac65d\USBAUDIO.sys

2013-10-09 16:38:51 2352AB5F9F8F097BF9D41D5A4718A041 86016 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbcir.inf_x86_neutral_1a7503cad201feda\usbcir.sys

2013-10-09 16:38:51 2352AB5F9F8F097BF9D41D5A4718A041 86016 ----a-w- C:\Windows\System32\drivers\usbcir.sys

2013-10-09 16:38:50 25944D2CC49E0A6C581D02A74B7D6645 527064 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys

2013-10-06 17:21:44 FDB9CF820305FE44231763042642F7A6 12733 ----a-w- C:\Users\admin\AppData\Local\Temp\jrt\searchlnk.bat

2013-10-06 17:21:44 F871C2EECFB5DF889C240D846473CD80 89287 ----a-w- C:\Users\admin\AppData\Local\Temp\jrt\misc.bat

2013-10-06 17:21:44 F6CA4866511929B8356C67C40DF7D9B3 28960 ----a-w- C:\Users\admin\AppData\Local\Temp\jrt\prelim.bat

2013-10-06 17:21:44 EC2D0525D784635AC629EA4B3B60A0F1 11656 ----a-w- C:\Users\admin\AppData\Local\Temp\jrt\JRT.bat

2013-10-06 17:21:44 D69A075ABACDEB803121FD49E176906A 13748 ----a-w- C:\Users\admin\AppData\Local\Temp\jrt\get.bat

2013-10-06 17:21:44 BE9A93AB5FE6CAE1D6A78857B04F04FC 15330 ----a-w- C:\Users\admin\AppData\Local\Temp\jrt\chrome.bat

2013-10-06 17:21:44 B964B792D3692699CD7D4FDB63EE470E 1239 ----a-w- C:\Users\admin\AppData\Local\Temp\jrt\FWPolicy.bat

2013-10-06 17:21:44 80D02380F1AC33E459324B088392A1EC 732 ----a-w- C:\Users\admin\AppData\Local\Temp\jrt\ev_clear.bat

2013-10-06 17:21:44 6FA00F3154329484AE7CA523863F010F 38960 ----a-w- C:\Users\admin\AppData\Local\Temp\jrt\ask.bat

2013-10-06 17:21:44 6C966C77884990CE8F02799FF6227BB1 9486 ----a-w- C:\Users\admin\AppData\Local\Temp\jrt\modules.bat

2013-10-06 17:21:44 654E9FE74B930A454EE5BDE165794B65 85 ----a-w- C:\Users\admin\AppData\Local\Temp\jrt\delorphans.bat

2013-10-06 17:21:44 5738500CE82B28738D24E2B61B2842C3 219670 ----a-w- C:\Users\admin\AppData\Local\Temp\jrt\firefox.bat

2013-10-06 17:21:44 4C51096033E1B16985334794FAAA2FA6 1018 ----a-w- C:\Users\admin\AppData\Local\Temp\jrt\TDL4.bat

2013-10-06 17:21:44 1ACDFEB8A7A728A429476F11E7A24617 29141 ----a-w- C:\Users\admin\AppData\Local\Temp\jrt\iexplore.bat

2013-10-06 17:21:44 150B311890A68BB34170FBB4FAA733F5 6699 ----a-w- C:\Users\admin\AppData\Local\Temp\jrt\runvalues.bat

2013-10-06 17:21:44 14D6EE8B672684E2232FB430D8C4A928 18668 ----a-w- C:\Users\admin\AppData\Local\Temp\jrt\medfos.bat

2013-10-06 17:21:44 0768E560CCD86C18F35FAD29DCEA7B80 1820 ----a-w- C:\Users\admin\AppData\Local\Temp\jrt\delfolders.bat

2013-10-06 17:08:08 97D169AC1A8108BF4D1C62221D720790 631 ----a-w- C:\Users\admin\AppData\Local\Temp\Uninst.bat

2013-10-05 18:20:48 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MUMP2BVV\1.1.6.6[1].crx

2013-10-05 18:20:48 2D0E258C08354FA84E5CB5D312B8E83F 416279 ----a-w- C:\Users\admin\AppData\Local\Temp\eIntaller\D9BEF0DB04314e89A9974FCB72E7AD80\newtab.crx

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-779995794-2056842348-1647886699-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"Dictionary .NET"="C:\Users\admin\AppData\Local\Temp\Temp1_DictionaryNet.zip\Dictionary.exe -c"

"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe /background"

"Spotify Web Helper"="C:\Users\admin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

"WiFi Guard"="C:\Program Files\SoftPerfect WiFi Guard\WiFiGuard.exe /hide"

"SDP"="C:\Users\admin\AppData\Local\FilesFrog Update Checker\update_checker.exe /auto "

"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CLMLServer"="C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"

"UpdateP2GoShortCut"="C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe C:\Program Files\CyberLink\Power2Go UpdateWithCreateOnce SOFTWARE\CyberLink\Power2Go\6.0"

"RemoteControl9"="C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe"

"PDVD9LanguageShortcut"="C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe"

"BDRegion"="C:\Program Files\Cyberlink\Shared Files\brs.exe"

"UpdatePPShortCut"="C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe C:\Program Files\CyberLink\PowerProducer UpdateWithCreateOnce Software\CyberLink\PowerProducer\5.0"

"UpdatePSTShortCut"="C:\Program Files\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe C:\Program Files\CyberLink\Blu-ray Disc Suite UpdateWithCreateOnce Software\CyberLink\PowerStarter"

"VMware hqtray"="C:\Program Files\VMware\VMware Player\hqtray.exe"

"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"IgfxTray"="C:\Windows\system32\igfxtray.exe"

"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"

"Persistence"="C:\Windows\system32\igfxpers.exe"

"CanonSolutionMenuEx"="C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon"

"APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

"UnlockerAssistant"="C:\Program Files\Unlocker\UnlockerAssistant.exe"

"MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"

"PixelPlanet PdfPrinter-Monitor"="C:\Program Files\Common Files\PixelPlanet\PdfPrinter 6\PdfPrinterMonitor.exe"

"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"

"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"

"obkagent"="C:\Program Files\Bitdefender\Bitdefender Safepay\obkagent.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Dictionary .NET"="C:\Users\admin\AppData\Local\Temp\Temp1_DictionaryNet.zip\Dictionary.exe -c"

"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe /background"

"Spotify Web Helper"="C:\Users\admin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

"WiFi Guard"="C:\Program Files\SoftPerfect WiFi Guard\WiFiGuard.exe /hide"

"SDP"="C:\Users\admin\AppData\Local\FilesFrog Update Checker\update_checker.exe /auto "

"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"="c:\\progra~2\\bitguard\\261694~1.246\\{c16c1~1\\bitguard.dll "

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SpeedUpMyPC]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="SpeedUpMyPC"

"hkey"="HKCU"

"command"="\"C:\\Program Files\\Uniblue\\SpeedUpMyPC\\launcher.exe\" -d 20000 "

==== Startup Folders ======================

2013-01-09 22:29:44 1339 ----a-w- C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk

2013-02-02 18:05:37 1049 ----a-w- C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

2011-07-05 17:02:42 2031 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WG111v3 Smart Wizard.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [09/10/2013 20:11]

C:\Windows\tasks\GlaryInitialize.job --a------ C:\Program Files\Glary Utilities\initialize.exe [22/03/2010 13:03]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [07/11/2011 20:20]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [07/11/2011 20:20]

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]

"C:\Windows\system32\tasks\BitGuard" [C:\Windows\system32\sc.exe start BitGuard]

"C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]

"C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]

"C:\Windows\system32\tasks\GlaryInitialize" [C:\Program Files\Glary Utilities\initialize.exe]

"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]

"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]

"C:\Windows\system32\tasks\Open URL by RoboForm" [C:\Windows\system32\rundll32.exe url.dll,FileProtocolHandler "http://www.roboform.com/uninstall.html?aaa=KICMKMJJLMKMGMLMGMMJCNPMOJJJPMCNLMMMMMNJCNOJGMLJLMCNOMPMHMNMKMJJOMJMPMNMLJOJJNJICMIMCNLMCNOMFMGMCNPMCNHMOMOMNMFMJMCNOMCNIMJMPMOMCNNMJNPICMPMFMFMPMJNHICMMJBJKJLIMJJNBJCMOJLJCJGJBJJNKJCMJNNICMJNDJCMBJDJ"]

"C:\Windows\system32\tasks\RealUpgradeLogonTaskS-1-5-21-779995794-2056842348-1647886699-1000" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe]

"C:\Windows\system32\tasks\RealUpgradeScheduledTaskS-1-5-21-779995794-2056842348-1647886699-1000" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe]

"C:\Windows\system32\tasks\Run RoboForm TaskBar Icon" [C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe]

"C:\Windows\system32\tasks\User_Feed_Synchronization-{FA3CA16D-C6C1-4DBE-9567-DE3E8455D956}" [C:\Windows\system32\msfeedssync.exe]

"C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files\Apple Software Update\SoftwareUpdate.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]

"belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" [17/09/2013 21:17]

==== Firefox Extensions ======================

ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\hkky9amf.default

- Belgium eID - C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be

- LyricsSay-1 - %ProfilePath%\extensions\71139f7b-cef2-4ada-9c60-25f887d7e2e1@5b129621-59ed-453c-9453-d7593ee48c04.com

- LemurLeap - %ProfilePath%\extensions\firefox@lemurleap.info

- LemurLeap - %ProfilePath%\extensions\firefox@lemurleap.info.xpi

- Thumbnail Zoom Plus - %ProfilePath%\extensions\thumbnailZoom@dadler.github.com.xpi

- Google Translator for Firefox - %ProfilePath%\extensions\translator@zoli.bod.xpi

- Picture Zoom Plus - %ProfilePath%\extensions\xxcessl0gycs@gmail.com.xpi

- ImTranslator - %ProfilePath%\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi

ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\r10fm3x1.default

- LemurLeap - %ProfilePath%\extensions\firefox@lemurleap.info.xpi

- Pocket - %ProfilePath%\extensions\isreaditlater@ideashower.com.xpi

- ImTranslator - %ProfilePath%\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi

AppDir: C:\Program Files\Mozilla Firefox

- Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be

==== Firefox Plugins ======================

Profilepath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\hkky9amf.default

4BF70B35B943BD73BD6E13EB7C1BA4B3 - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll - Shockwave Flash

D1DC265C3FF7F92B4A75A55B3749D48C - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin

BE501CBC29B2025A263D80D399F1797A - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll - Silverlight Plug-In

04ACC61B47857E779CD92D1D88770BF1 - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - Adobe Acrobat

77B09C2C6F407531447DA75E3ACD1C5B - C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll - Adobe Acrobat

101700E93EB905992B518256CB441829 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll - Google Update

7550FC1ADE982582D5920BEA6430E3D4 - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin

179B446B36562BA025F38A5B0760DBEA - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java Platform SE 7 U25

2EE9DCAE1D70ABF4D058688DE35F8221 - C:\Windows\system32\npdeployJava1.dll - Java Deployment Toolkit 7.0.250.16

BC601425BC360C12DF2277992C6D83D5 - C:\Program Files\QuickTime\Plugins\npqtplugin6.dll - QuickTime Plug-in 7.7.4

7B64C498A4E0958967EBD9439EE93DB4 - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.4

309817C5A02434365B0091021FD70610 - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.4

A0D9A846578582064F3D066B23CD2E55 - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.7.4

2871984886154973C810DAF2A9294510 - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.7.4

61EA5261198FD2431A4DD088569ED8D4 - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.7.4

270EE43CC00609B9937AAF94E1E970D4 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll - iTunes Application Detector

C548328E9DE5EB73350EF292D7140662 - C:\Program Files\Google\Picasa3\npPicasa3.dll - Picasa

C517E5EA7CEE783F3681F62D2A362E5B - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live? Photo Gallery

B27CCB1168B1960AEC6E9D3E0E0F0D2A - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrlui.dll - Microsoft® Silverlight

15E298B5EC5B89C5994A59863969D9FF - C:\Windows\system32\npmproxy.dll - Microsoft® Windows® Operating System

Profilepath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\r10fm3x1.default

04ACC61B47857E779CD92D1D88770BF1 - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - Adobe Acrobat

77B09C2C6F407531447DA75E3ACD1C5B - C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll - Adobe Acrobat

D1DC265C3FF7F92B4A75A55B3749D48C - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin

BC601425BC360C12DF2277992C6D83D5 - C:\Program Files\QuickTime\Plugins\npqtplugin6.dll - QuickTime Plug-in 7.7.4

7B64C498A4E0958967EBD9439EE93DB4 - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.4

309817C5A02434365B0091021FD70610 - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.4

A0D9A846578582064F3D066B23CD2E55 - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.7.4

2871984886154973C810DAF2A9294510 - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.7.4

61EA5261198FD2431A4DD088569ED8D4 - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.7.4

270EE43CC00609B9937AAF94E1E970D4 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll - iTunes Application Detector

D0DA6B2FB50A0667CF4BACC2AEFEA009 - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll - Java Platform SE 7 U5

C548328E9DE5EB73350EF292D7140662 - C:\Program Files\Google\Picasa3\npPicasa3.dll - Picasa

C517E5EA7CEE783F3681F62D2A362E5B - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live? Photo Gallery

7550FC1ADE982582D5920BEA6430E3D4 - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin

==== Deleting Files \ Folders ======================

"C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\hkky9amf.default\extensions\71139f7b-cef2-4ada-9c60-25f887d7e2e1@5b129621-59ed-453c-9453-d7593ee48c04.com" deleted

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

eooncjejnppfjjklapaamhcdmjbilmde - C:\Users\admin\AppData\Roaming\BabSolution\CR\Delta.crx[]

Delta Toolbar - admin - Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde

Add Lyrics - admin - Default\Extensions\kdlfddggdloaadnphbhejknhaggjaeld

DealPly Shopping - admin - Default\Extensions\mphpbdjcljebbcnfopfngmfdackbbdgf

LyricsSay-1 - admin - Default\Extensions\pbjcbkbcncfkoljakenekllbfdonhjef

==== Chrome Fix ======================

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde deleted successfully

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage deleted successfully

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdlfddggdloaadnphbhejknhaggjaeld deleted successfully

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjcbkbcncfkoljakenekllbfdonhjef deleted successfully

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mphpbdjcljebbcnfopfngmfdackbbdgf deleted successfully

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.delta-search.com/?babsrc=HP_ss&mntrId=9A84E091F523EA46&affID=125155&tsp=5027"

"Backup.Old.Start Page"="http://start.be/"

"Default_Page_URL"="http://www.google.com"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Default_Page_URL"="http://www.google.com"

"Start Page"="http://www.google.com"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Start Page"="http://www.google.com"

"Backup.Old.Start Page"="http://www.google.com"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{03051086-C7A4-0250-3C2A-1C3F4CACF451} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR"

{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} Delta Search Url="http://www.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=9A84E091F523EA46&affID=125155&tsp=5027"

{483830EE-A4CD-4b71-B0A3-3D82E62A6909} Unknown Url="Not_Found"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

{80c554b9-c7f8-4a21-9471-06d606da78a2} Bing Url="http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE"

{F6909F06-51FF-4A24-92CD-9C55E832950B} Google Url="http://www.google.co.uk/search?hl=en&q={searchTerms}&meta=&rlz=1I7AURU_nlBE498"

==== Reset Google Chrome ======================

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-779995794-2056842348-1647886699-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3} deleted successfully

HKEY_USERS\S-1-5-21-779995794-2056842348-1647886699-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{415419C3-DAD0-4DF1-AC37-22C72AD81878} deleted successfully

HKEY_USERS\S-1-5-21-779995794-2056842348-1647886699-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{48F6F60F-F426-421B-806E-BACDE69252C6} deleted successfully

HKEY_USERS\S-1-5-21-779995794-2056842348-1647886699-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} deleted successfully

HKEY_USERS\S-1-5-21-779995794-2056842348-1647886699-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{48F6F60F-F426-421B-806E-BACDE69252C6} deleted successfully

HKEY_USERS\S-1-5-21-779995794-2056842348-1647886699-1000\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{415419C3-DAD0-4DF1-AC37-22C72AD81878} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{415419C3-DAD0-4DF1-AC37-22C72AD81878} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{48F6F60F-F426-421B-806E-BACDE69252C6} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-779995794-2056842348-1647886699-1000\Software\Mozilla\Firefox\Extensions\addlyrics@addlyrics.net deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{82E1477C-B154-48D3-9891-33D83C26BCD3} deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpeedUpMyPC deleted successfully

==== Empty IE Cache ======================

C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\admin\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\admin\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\admin\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\admin\AppData\Local\Mozilla\Firefox\Profiles\hkky9amf.default\Cache emptied successfully

==== Empty Chrome Cache ======================

No Chrome Cache found

==== Empty All Flash Cache ======================

Flash Cache is not empty, a reboot is needed

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\admin\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.dll" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.settings" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\bl" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\dm" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\uninstall.exe" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\00" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\01" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\02" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\03" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\10" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\11" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\12" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\13" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\20" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\21" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\22" not found

"C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\23" not found

"C:\Program Files\LemurLeap" not found

"C:\ProgramData\BitGuard" not found

"C:\Users\admin\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\BMRB4XHY\syndication.vmma.be" not found

==== EOF on vr 11/10/2013 at 22:17:38,34 ======================


Double-click Zoek.exe to start the tool.

  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Now copy the code below and paste it into the large input box:
  • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.

 C:\Program Files\LemurLeap;fs
 C:\ProgramData\BitGuard;fs
 C:\Users\admin\AppData\Local\Temp\LemurLeap_sm.exe;f
 C:\Users\admin\AppData\Local\Temp\9F7289A5-BAB0-7891-B724-D00621E4D400\Latest\BExternal.dll;f
 C:\Users\admin\AppData\Local\Temp\9F7289A5-BAB0-7891-B724-D00621E4D400\Latest\IEHelper.dll;f
 C:\Users\admin\AppData\Local\Temp\9F7289A5-BAB0-7891-B724-D00621E4D400\Latest\sqlite3.dll;f
 C:\Users\admin\AppData\Local\Temp\{2CDC3929-2938-4A98-BB25-93C91963FEBB}\setup.exe;f
 C:\Users\admin\AppData\Local\Temp\appshat-distribution.exe;f
 C:\Users\admin\AppData\Local\Temp\DeltaTB.exe;f
 C:\Users\admin\AppData\Local\Temp\OptimizerPro.exe;f
 C:\Users\admin\AppData\Local\Temp\UpdateCheckerSetup.exe;f
 C:\Users\admin\AppData\Local\Temp\jrt\erunt\ERUNT.EXE;f
 C:\Users\admin\AppData\Local\Temp\ins70\ins70.exe;f
 C:\Users\admin\AppData\Local\Temp\vcredist_x86.exe;f
 C:\Users\admin\AppData\Local\Temp\BackupSetup.exe;f
 C:\Users\admin\AppData\Local\Temp\{1C351DDC-B7FD-4598-8CE0-BB7A2ED701AD}\setup.exe;f
 C:\Users\admin\AppData\Local\Temp\ins1197\LyricsSay_1060-8002_v122.exe;f
 C:\Users\admin\AppData\Local\Temp\SHSetup.exe;f
 C:\Users\admin\AppData\Local\Temp\is1244477948\4806171_Setup.EXE;f
 C:\AdwCleaner[s3].txt;f
 C:\AdwCleaner[R5].txt;f
 C:\AdwCleaner[R4].txt;f
 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows];r
 "AppInit_DLLs"=-;r
 C:\Windows\system32\tasks\BitGuard;fs
 C:\Windows\system32\sc.exe;f
 C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\hkky9amf.default\extensions\firefox@lemurleap.info;f
 C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\hkky9amf.default\extensions\firefox@lemurleap.info.xpi;f

  • Now click the "Run script" button.
  • Now wait patiently until a log opens (this may be after a restart, if one is needed).
  • If no log appears after the restart, start zoek.exe again; the log will then appear after all.
  • Post the opened log in your next message.


Thanks already for your help so far, because a number of problems have already been resolved.

Hats off to what you have already achieved.

But I am unable to carry out your message from yesterday. I am probably doing something wrong.

In the search box of the Start button I enter "zoek.exe" and then double-click on "run as administrator", but then the PC shuts down "completely" and on the next start nothing happens. So I cannot paste your code (the whole text?).

What does happen now is that after starting the PC I get a prompt from Intel Corporation to run "GfxUI". If I click yes, simply nothing happens.

Furthermore, all kinds of messages still open while surfing. Really annoying.

One more thing. At the beginning, when I noticed the problems, I wanted to perform a system restore and I did not succeed?

Thanks for your patience.
